Aberdeen Proving Ground, MD · Information Technology
NorthHill Technology Resources has an immediate need for a DevSecOps Engineer at Aberdeen Proving Ground, MD. This role requires an active Secret Clearance.
Responsibilities and Deliverables:
Experience with various DevOps tools (e.g., GitLab, Terraform, Ansible, Docker, Kubernetes, etc.).
Design technical control standards for a variety of information systems based on industry best practices and guidelines (e.g., NIST CSF, CSA, CIS, OWASP).
Define and document requirements for secure operations across the entire delivery ecosystem: internal datacenter, secure perimeter, public cloud, software-as-a-service, vendor hosted, public and private endpoints, etc.
Recommend specific control sets to mitigate inherent risk identified through cybersecurity risk assessments and provide technical expertise to guide security risk assessments. Pentest as needed.
Coordinate with all departments to ensure cyber security control design is richly informed by current threat intelligence and incident response.
Oversee the enhancement and maintenance of Telesis’s secure software delivery lifecycle, including all aspects of secure coding practices, integration of security principles and practices into DevOps/DevSecOps, etc.
Proactively drive hunting and analysis.
Experience developing Infrastructure as Code (IAAC) on Cloud and on-prem environments.
Experience with ACAS, Nessus, Twistlock, SCAP.
Use ELK/Splunk Analytics platform and other proprietary tools to identify threats, determine root cause, scope, and severity of each critical anomaly.
Experience in setting up automated vulnerability scans.
Experience with setting up vulnerability and scanning in a CI /CD pipeline.
Design state-of-the-art technical solutions on AWS that address customer’s requirements for scalability, reliability, security, and performance.
Experience working with vCenter and ESXI 6.5 and later.
Experience with working in mixed environments for Windows and Linux.
Perform other duties or responsibilities as needed or assigned.
7 or more years of experience in a consulting/architecture position with a software and/or services company.
Python, C, or C++, with experience and qualification on at least one coding language.