DevSecOps Engineer (Secret Clearance)
Indexed description
Work You'll Do
As a Senior Consultant, Enterprise Security on the GPS Cyber team, you will be responsible for...
- Designing and implementing DevSecOps processes that integrate security controls into software development, build, release, and deployment workflows
- Building and maintaining continuous integration and continuous delivery pipelines with automated security testing, code scanning, dependency scanning, and secrets detection
- Supporting cloud and platform engineering teams with secure configuration, infrastructure as code, container security, and identity and access management practices
- Collaborating with application developers, architects, and cyber teams to remediate vulnerabilities, improve secure coding practices, and strengthen release governance
- Producing technical documentation, implementation artifacts, and status reporting to support delivery, audit readiness, and client stakeholder decision-making
- Ability to work independently and collaborate as part of a team
- Effective written and verbal communication skills
- Meticulous attention to detail and quality of work product
- Ability to build and sustain professional relationships
- Ability to lead projects or workstreams
- Ability to manage and prioritize multiple tasks in a fast-paced and dynamic environment
- Strong interpersonal skills and professional demeanor
- Ability to meet deadlines
- Ability to provide clear guidance to others
Our Enterprise Security offering embeds security in all aspects of digital transformation by securing a client's technical backbone while enabling secure digital transformation. Includes security architecture, secure development and deployment, end-to-end cyber cloud capabilities, application security, and security for emerging technologies and connected products.
Qualifications
- Bachelor's degree in computer science, cybersecurity, information technology, engineering, or mathematics
- Local to the DMV area and have the ability to work onsite up to 5 days a week
- Ability to travel 20%, on average, based on the work you do and the clients and industries/sectors you serve.
- 4+ years of experience implementing DevSecOps practices across cloud or hybrid environments
- 4+ years of experience building or administering continuous integration and continuous delivery (CI/CD) pipelines using Jenkins, GitLab CI, GitHub Actions, or Azure DevOps
- 2+ years of experience integrating application security testing, dependency scanning, secrets scanning, or container security controls into CI/CD pipelines
- 3+ years of experience with Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP), and infrastructure as code using Terraform, AWS CloudFormation, or Ansible
- Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future.
- Experience supporting federal, state, local, or higher education environments
- Experience with National Institute of Standards and Technology (NIST) 800-53, NIST Secure Software Development Framework, FedRAMP, or Zero Trust security requirements
- Experience with Docker, Kubernetes, OpenShift, or container orchestration security practices
- Experience using SonarQube, Snyk, Prisma Cloud, Aqua, or comparable security tooling
- Experience developing automation using Python, PowerShell, Bash, or Go
- One or more certifications such as Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), AWS Certified Security - Specialty, Microsoft Azure Security Engineer Associate, or Certified Kubernetes Security Specialist (CKS)
You may also be eligible to participate in a discretionary annual incentive program, subject to the rules governing the program, whereby an award, if any, depends on various factors, including, without limitation, individual and organizational performance.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search