View all jobs
DevSecOps Engineer
Aberdeen Proving Ground, MD · Information TechnologyNorthHill Technology Resources has an immediate need for a DevSecOps Engineer at Aberdeen Proving Ground, MD. This role requires an active Secret Clearance.
Responsibilities and Deliverables:
Responsibilities and Deliverables:
- Experience with various DevOps tools (e.g., GitLab, Terraform, Ansible, Docker, Kubernetes, etc.).
- Design technical control standards for a variety of information systems based on industry best practices and guidelines (e.g., NIST CSF, CSA, CIS, OWASP).
- Define and document requirements for secure operations across the entire delivery ecosystem: internal datacenter, secure perimeter, public cloud, software-as-a-service, vendor hosted, public and private endpoints, etc.
- Recommend specific control sets to mitigate inherent risk identified through cybersecurity risk assessments and provide technical expertise to guide security risk assessments. Pentest as needed.
- Coordinate with all departments to ensure cyber security control design is richly informed by current threat intelligence and incident response.
- Oversee the enhancement and maintenance of Telesis’s secure software delivery lifecycle, including all aspects of secure coding practices, integration of security principles and practices into DevOps/DevSecOps, etc.
- Proactively drive hunting and analysis.
- Experience developing Infrastructure as Code (IAAC) on Cloud and on-prem environments.
- Experience with ACAS, Nessus, Twistlock, SCAP.
- Use ELK/Splunk Analytics platform and other proprietary tools to identify threats, determine root cause, scope, and severity of each critical anomaly.
- Experience in setting up automated vulnerability scans.
- Experience with setting up vulnerability and scanning in a CI /CD pipeline.
- Design state-of-the-art technical solutions on AWS that address customer’s requirements for scalability, reliability, security, and performance.
- Experience working with vCenter and ESXI 6.5 and later.
- Experience with working in mixed environments for Windows and Linux.
- Perform other duties or responsibilities as needed or assigned.
- 7 or more years of experience in a consulting/architecture position with a software and/or services company.
- Python, C, or C++, with experience and qualification on at least one coding language.
- Security Certifications (e.g. Security+, GCIA, GCIH, GCFA, GCNA, CEH, CISSP, etc.).
- Looking for team players who are willing to conduct a special mission assessment through an on-site skills assessment and verification
- Strong technical expertise in AWS IaaS – Governance, Network, Security, Identity, Compute, Storage, Backup & DR, Monitoring and Automation.
- Understanding of PaaS and DevOps solutions is a must.
- Hands-on experience in POC and production deployments is required in Cloud AWS.
- Knowledge of scripting tools like PowerShell, Terraform CLI is needed.
- Proven track record of building deep technical relationships with senior IT executives and growing data services in large or highly strategic accounts.
- Demonstrated ability to adapt to new technologies and learn quickly.
- Proven track record of driving decisions collaboratively.
- Presentation skills with a high degree of comfort with both large and small audiences (Senior Executives, IT management, and developers).
- Bachelor’s degree, preferably in Computer Science or related STEM field.
- AWS certification preferred.
- Active Secret Clearance.