Development Security Operations Engineer
Veritas Partners has an immediate need for a DevOps Security Engineer to join our team with a reputable organization headquartered in the Bethesda, MD area!
This position is operating in a HYBRID capacity out of the Maryland office with a great deal of flexibility!
The Development Security Operations Engineer supports multiple Digital Solutions IT projects from initial design and architecture to operations and maintenance and development, modernization, and enhancement. Infrastructure (IaaS) must be secure, reliable, and meet performance objectives.
The Development Security Operations Engineer follows the DevOps and Development Security Operations framework for that covers the following tasks:
· Continuous integration (CI) merges code changes to ensure the most recent version is available to developers.
· Continuous delivery and continuous deployment (CD) – automate the process of releasing updates to increase efficiency.
· Microservices – builds an application as a set of smaller services.
· Prompt and thorough installation of patches and updates to the full stack solution.
· Troubleshooting and responding to issues that are escalated to DevOps or DevSecOps. This may include working with others on the technical team to isolate the source of issue.
· Common weaknesses enumeration (CWE) – improves the quality of code and increases the level of security during the CI and CD phases.
· Threat modeling – implements security testing during the development pipeline to save time and cost in future.
· Automated security testing – test for vulnerabilities in new builds on regular basis.
· Incident response management – creates a standard framework for responding to security incidents.
· Partakes in the federal agency process and support of FISMA which includes documentation, artifacts, audits, reports, data calls, etc. and the issuance of the ATO (Authority to Operate) and the full C&A (Certification and Accreditation) process and package.
· Depending on the size of the project, the DevSecOps Engineer may be dedicated to one project or may split time across multiple projects providing broad-based support for the Digital Solution Leads while also working with Impact Centers to understand requirements and Functional Centers to acquire necessary cloud resources for each project.
· Deliver work on time and on budget.
· Follow DevOps and DevSecOps industry advances and best practices.
· Support business development opportunities.
Education and Experience: Bachelor’s degree in computer science with minimum of 6 years working in IT, with at least 6 years of experience in Cloud DevOps and or Development Security Operations Engineering.
In lieu of a Bachelor’s Degree must have minimum of 10 years of related IT work experience referenced above.
Knowledge: Excellent understanding of cloud deployments and security-related functions within all environments. Understanding of software development scripting languages in order to support code repositories, continuous deployments, and supporting technical and programming staff developers in code expeditious deployments and patches and system maintenance and continuous monitoring of the full stack cloud solution.