DevSecOps Engineer

Primary Location:USA Aberdeen Proving Ground, Maryland
Clearance Level:Secret
Schedule:Full-time
Job Type:Regular
Travel:Possibly

Responsibilities and Deliverables:

• Experience with various DevOps tools (e.g., GitLab, Terraform, Ansible, Docker, Kubernetes, etc.).
• Design technical control standards for a variety of information systems based on industry best practices and guidelines (e.g., NIST CSF, CSA, CIS, OWASP).
• Define and document requirements for secure operations across the entire delivery ecosystem: internal datacenter, secure perimeter, public cloud, software-as-a-service, vendor hosted, public and private endpoints, etc.
• Recommend specific control sets to mitigate inherent risk identified through cybersecurity risk assessments and provide technical expertise to guide security risk assessments. Pentest as needed.
• Coordinate with all departments to ensure cyber security control design is richly informed by current threat intelligence and incident response.
• Oversee the enhancement and maintenance of Telesis’s secure software delivery lifecycle, including all aspects of secure coding practices, integration of security principles and practices into DevOps/DevSecOps, etc.
• Proactively drive hunting and analysis.
• Experience developing Infrastructure as Code (IAAC) on Cloud and on-prem environments.
• Experience with ACAS, Nessus, Twistlock, SCAP.
• Use ELK/Splunk Analytics platform and other proprietary tools to identify threats, determine root cause, scope, and severity of each critical anomaly.
• Experience in setting up automated vulnerability scans.
• Experience with setting up vulnerability and scanning in a CI /CD pipeline.
• Design state-of-the-art technical solutions on AWS that address customer’s requirements for scalability, reliability, security, and performance.
• Experience working with vCenter and ESXI 6.5 and later.
• Experience with working in mixed environments for Windows and Linux.
• Perform other duties or responsibilities as needed or assigned.

Required Qualifications:

• 7 or more years of experience in a consulting/architecture position with a software and/or services company.
• Python, C, or C++, with experience and qualification on at least one coding language.
• Security Certifications (e.g. Security+, GCIA, GCIH, GCFA, GCNA, CEH, CISSP, etc.).
• Looking for team players who are willing to conduct a special mission assessment through an on-site skills assessment and verification
• Do you build your own servers and have a rack at your house?
• Are you frustrated that you can’t communicate to your boss what you want to do, because they don’t understand?
• Are you unafraid to venture into the unknown without guides?
• Strong technical expertise in AWS IaaS – Governance, Network, Security, Identity, Compute, Storage, Backup & DR, Monitoring and Automation.
• Understanding of PaaS and DevOps solutions is a must.
• Hands-on experience in POC and production deployments is required in Cloud AWS.
• Knowledge of scripting tools like PowerShell, Terraform CLI is needed.
• Proven track record of building deep technical relationships with senior IT executives and growing data services in large or highly strategic accounts.
• Demonstrated ability to adapt to new technologies and learn quickly.
• Proven track record of driving decisions collaboratively.
• Presentation skills with a high degree of comfort with both large and small audiences (Senior Executives, IT management, and developers).

Education and Certifications:

• Bachelor’s degree, preferably in Computer Science or related STEM field.
• AWS certification preferred.
• Active Secret Clearance. Candidates must have or be able to obtain and keep a Secret Clearance.