United States onlyLocation: Virginia - Full remote (East Coast)
Number of openings: 1
Experience: 5+ Years of dedicated DevSecOps
Pay Rate to candidates: $65-70/hr ($135K salary when converted after 6-months)
Benefits: None/Contract
Start Date: 2-3 weeks
Clearance Level: None, must be US Citizen and must be able to get Public Trust
Role Overview:
The DevSecOps team is responsible for developing various security and infrastructure solutions in the cloud and on-premise data centers. We are seeking a motivated individual as this team is constantly evolving and is currently evolving cloud security solutions in AWS. The successful candidate will have proven experience in automating manual IT infrastructure and security processes and will have a proven track record of learning new technologies.
Role Responsibilities:
Participating in a rotating on-call schedule
Integrating with application teams to act as security SME and assist with connecting to new and existing security-related tooling
Reviewing and assisting application teams with architectural decisions pertaining to security best practices.
Develop IaC using Cloud Formations and Terraform
Develop reusable automation using Ansible
Develop processes and automation to harden AMI and Docker Container Images
Write and review Kubernetes Network and Service Mesh policies to create inner cluster security perimeters.
Assist Security Organization with research and development of tooling and applications that can shift security into CI/CD Pipelines
Develop Jenkins and CircleCI code to build or add onto new existing CI/CD pipelines
Perform research and development on new Cloud offerings from a variety of Cloud Platforms.
Develop example code, best practice documents, and processes to aid application and SecOps teams in deploying their service offerings.
Required Education and Qualifications:
5+ years IT Experience
Bachelor of Science in Computer Science, Information Systems, Mathematics, Engineering, or a related degree. Can substitute 3 additional years of relevant experience in lieu of a degree.
2+ years of experience working in Kubernetes environments. This experience must include engineering deployment strategies, experience hardening deployments, and hardening the control plane and worker nodes. Also, a key skill is to understand how to implement observability and altering into new and existing clusters.
2+ years of experience developing in containerized environments
2+ years of experience presenting the technical solutions you develop to other teams and organizing technical dependencies involving other teams.
4+ years of experience in DevOps or DevSecOps roles. Must have experience working closely with application or infrastructure teams as a DevOps or DevSecOps engineer and have experience developing with Ansible and Terraform.
4+ years of Cloud Platform and Security Engineering. Experience working with one or more cloud platforms (AWS experience preferred) to develop secure solutions that scale. This includes but is not limited to, AWS Lambda, Docker, and Kubernetes-related services, cloud network and cloud services, and a deep understanding of how to secure and observe those services.
2+ years of Security Engineering. Experience building and reviewing architectures, focusing on security best practices. An understanding of reading and implementing security y controls in new and existing architectures, coupled with the ability to communicate successfully with the greater security organization, is required.
Desired Qualifications:
Strong experience with Kubernetes and service mesh orchestration: Must have experience with Kubernetes in production environments. Have experience with best practices in deploying Kubernetes and have a firm grasp on the challenges and solutions around securing a cluster. Experience with service mesh orchestration as a means to inject security (Istio, Linkerd, etc.) is a key piece of our projects.
Strong DevSecOps practices: Experienced with injecting security hardening and best practices into existing and new projects that follow DevOps practices. The candidate is expected to absorb existing security strategies and engineer solutions in active and new CI/CD Pipelines, IaC, and configuration management tools. Looking for a candidate who is excited about shifting security early in the application and platform lifecycle and optimizing observability.
Experienced DevOps Tools Management: Experience managing and contributing to tooling that helps keep the DevOps culture functional and fruitful for application teams. Experience managing and deploying CI/CD tools and artifact repositories is also considered favorable.
Clearance & Location Requirements:
Able to be cleared for a Public Trust clearance.
