Senior Devsecops Engineer

CVP is seeking a Senior DevSecOps Engineer to join our growing enterprise cybersecurity team. As a DevSecOps Engineer on this team, you will be responsible for integrating security through the entire software development lifecycle. 

Responsibilities

• Configuration and build of Kubernetes clusters (EKS) implementing security best practices.
• Creating CI/CD pipelines for application builds, and security use cases leveraging gitlab CI.
• Gitops process builds leveraging Flux CD, creating security configurations for application and improvements to currents designs.
• Administering and improving the Security pipeline for SAST, DAST, Vulnerability, and compliance checks and overall strategy of deployment.
• Assist with configuration and design of APP Mesh and micro-service design from a security perspective.
• Containerize security tools.
• Develop Terraform modules for security needs, to include Kubernetes cluster builds (EKS) and general aws resources.
• A part of Agile development teams, deliver an end-to-end automation of deployment, monitoring, and infrastructure management in a cloud environment.
• Build and configure delivery environments supporting CD/CI tools using an Agile delivery methodology.
• Create scripts and/or templates to automate and/or bootstrap infrastructure provisioning and management tasks.
• Work closely with our development team to create an automated continuous integration (CI) and continuous delivery (CD) system.
• Work together with vendors and other IT personnel for problem resolution.
• Monitor and support all installed systems and infrastructure.
• Develop custom scripts to increase system efficiency and lower the human intervention time on any tasks.
• Contribute to the design of information and operational support system.
• Evaluate application performance, identify potential bottlenecks, develop solutions, and implement them with the help of developers.

Qualifications

• Must possess or be able to obtain a federal background investigation of Tier 4 Critical High-Risk Public Trust (Form SF 85P) government security clearance. U.S. Citizenship required.
• Bachelor's degree in business, information technology, or related field of study; 
• Minimum 10 years of experience in IT Industry.
• At start date, must possess a professional DevOps or Cloud certification.
• Zero Trust Architecture
• Experience with Gitlab CI and creating templates and multi-stage pipelines.
• Experience with Kubernetes best practices and App Mesh (Istio).
• Experience with creating organizational golden images and implementing security and hardening needs.
• Experience with OPA and Kubescan for compliance and hardening.
• Experience with Terraform and creating modules.
• Experience with Prometheus for monitoring and writing scrape jobs to ingest security appropriate metrics.
• Experience with GitOPS especially Flux and its best practices to improve processes and delivery.
• Experience with fully automating CI/CD pipelines end-to-end, from code commits to production
• Demonstrated experience with secure development, coding, engineering practices;
• Strong scripting skills, including shell scripts, Perl, Ruby, Python, Go, Groovy, Helm, etc.
• Excellent knowledge of networking technologies, particularly with OSI network layers and TCP/IP.
• Experience deploying and monitoring web applications in AWS.
• Security first mindset.
• Experience with Infrastructure as Code and infrastructure testing strategies.
• Experience with systems reliability, load balancing, monitoring, logging.
• Effective verbal and non-verbal communication with peers and clients.
• Knowledge of NIST Cybersecurity and Risk Management frameworks and associated requirements.
• Risk management processes (e.g., methods for assessing and mitigating risk).
• Cybersecurity/privacy principles and cyber threats and vulnerabilities.

Desired Skills

• AWS Certified Architect.  
• Pen Testing experience.
• Cyber program analysis.
• Cyber development, engineering and architecture.
• Splunk Engineer.
• Crafting and authoring cyber policy.
• Cyber Risk Management.
• DevSecOps Engineers.
• Linux Engineer.