- Washington, DC
DevSecOps Engineer – Washington DC
JCDS is seeking a DevSecOps Engineer to support a data analytics project at a Federal Government client in Washington DC.
The DevSecOps Engineer will gather requirements, design, codify, integrate and implement secure solutions that support business functionality as well as the underlying infrastructure required to run and deploy those solutions.
- Develop, document, and implement CI/CD strategy for management of Infrastructure as Code IaC baseline
- Develop, document, and implement container management strategy to include management of container security and automated validation of immutable CI pipeline components for compliance with DHS processes.
- Develop and document shared infrastructure component management strategy to provide consistent standardized container, OS, and application baselines for infrastructure components available through self-service.
- Identify requirements, develop, document, and implement branching strategy to support change management requirements while automating as much of the deployment process as practical in the IaC CI/CD pipeline.
- Write code, building infrastructure as code, work with immutable “cloud” based environments, and build the supporting automated toolsets to test and deploy the systems they develop.
- Maintain services (and supporting cloud infrastructure) once they are live by measuring and monitoring availability, latency and overall system health.
- Establish strategy/toolset/framework for automating testing of services and products, develop best practices for test automation and develop test suites,
- Design, develop and implement solutions based on a set of standards and processes which establish consistency across the enterprise data, reduce risk, and promote efficiencies in support of the organization’s goals and objectives,
- A Bachelor of Science (BS) degree in related field or equivalent work experience can be substituted instead of a degree.
- A minimum of 8 years of experience in Cyber Security.
- 4+ years of hands-on experience in implementing/maintaining security in a CI/CD pipeline.
- Experience in the design and automation of security tools and processes.
- Writing and managing Ansible playbooks
- Managing templated deployments with Ansible Tower
- Managing IaC and cloud workloads deployed with CI tooling
- Building and managing CI frameworks
- Enterprise change management and federal compliance processes
- Experiences with GitLab or comparable VCS
- Must be a US citizen, candidates will have an extensive background check for DHS clearance.
Nice to Have:
- Experience in the use and management of an OpenStack deployment across multiple data centers
- Experience with VMware & Satellite
- Experience working in an Agile environment
- Experience with NIST / STIG compliance of immutable infrastructure components
- Experience with PXE-less discovery provisioning to automate hardware / under cloud scalability
- One of the following certifications: CCSP, CCSK, CSSLP, CISSP, CEH or similar
Monday, September 30, 2019