DevSecOps Engineer - Clearance Required
Overview
LMI is looking for an expert DevSecOps Engineer with an active SECRET clearance or above and a minimum of 10 years of experience to support transforming and modernizing how the United States Army delivers software.
This is a 100% remote role with quarterly travel for in-person team planning and collaboration events.
This position requires an active Secret clearance.
Responsibilities
As a DevSecOps Engineer you will be responsible for the following:
Continuous Integration/Continuous Deployment (CI/CD):
- Design, implement, and manage CI/CD pipelines in GitLab to ensure efficient and reliable software delivery.
- Integrate security tools and practices into CI/CD workflows to detect and mitigate risks early.
- Be familiar with implementing deployment strategies, including blue/green, canary, and A/B testing.
Automation and Scripting:
- Develop and maintain automation scripts to streamline and enhance deployment processes.
- Advise on and implement configuration management tools for consistent environment setup.
- Develop and manage automated deployment and configuration of Kubernetes clusters.
- Support configuration of automated testing including functional, integration, end-to-end, resilience, and disaster recovery.
Security Integration:
- Implement security measures and controls within CI/CD pipelines.
- Develop and employ automated, regular pre- and post-deployment security assessments, vulnerability scans, and testing.
- Ensure compliance with Army and Department of Defense (DoD) security standards and policies.
- Provide direct technical input into security remediation documentation.
Monitoring and Incident Response:
- Set up and maintain monitoring and logging solutions to detect and respond to incidents in real-time.
- Collaborate with security teams to investigate and remediate security incidents and breaches.
Collaboration and Communication:
- Work closely with development, operations, and security teams to ensure seamless integration of security practices.
- Provide training and guidance to team members on security best practices and DevSecOps methodologies.
- Directly coordinate with Government service and resource providers to implement technical solutions.
Infrastructure as Code (IaC):
- Utilize AWS-specific IaC tools (i.e., CloudFormation, SAM, CDK) to manage and provision infrastructure.
- Ensure infrastructure is secure, scalable, and compliant with Army requirements.
Risk Management:
- Identify and address potential security risks and vulnerabilities throughout the development lifecycle.
- Implement risk mitigation strategies and conduct regular risk assessments.
Compliance and Documentation:
- Ensure all systems and applications comply with relevant regulations and standards (e.g., NIST, FISMA, RMF).
- Provide DevSecOps technical input to comprehensive documentation of security practices, procedures, and incident response plans.
Performance Optimization:
- Optimize performance and scalability of applications and infrastructure.
- Conduct performance testing and implement improvements as needed.
Research and Development:
- Stay current with emerging technologies and security trends.
- Monitor and adapt to rapidly changing Government technologies and security trends.
- Evaluate and integrate new tools and technologies to enhance the security posture of Army systems.
Disaster Recovery and Organization Continuity:
- Collaborate with System Architect and Product Management to develop and maintain disaster recovery plans and organization continuity strategies.
- Conduct regular drills and tests to ensure preparedness for potential disruptions.
Software Development Support:
- Assist in the design, development, and deployment of secure software solutions.
- Coordinate with lead developers to ensure security is considered throughout the software development lifecycle (SDLC).
Qualifications
MINIMUM REQUIREMENTS:
- Minimum of a SECRET security clearance
- Bachelor’s degree in Computer Science or related technical field
- DoD 8570 IAT Level II Certification (SEC+ or other)
- 10+ years’ experience as a DevSecOps or Platform Engineer
- Proven, demonstrated technology experience with enterprise CI/CD
- Familiarity with programming best practices
- Ability to debug, optimize code, and automate routine tasks
- Systematic problem-solving approach, coupled with effective communication skills and a sense of drive
- Understanding of Unix/Linux operating systems
- Demonstrated experience building continuous, automated build and deploy pipelines.
- Demonstrated experience with conditional execution of build and deploy pipelines based on security scans of source and artifacts.
- Capable of working with software development team and platform infrastructure team to provide meaningful guidance to both for code development and deployment.
- In-depth knowledge of version control of release artifacts to facilitate upgrade rollout and rollback.
- Strong understanding of containerization of web applications.
- Understanding and familiarity with container orchestration engines such as K8s (EKS, AKS, GKE, Kops, OpenShift)
- Demonstrated experience with GitLab CI/CD.
- Experience with bash shell scripting.
- Experience with AWS CI/CD tools and services.
- Experience with Agile development methodologies and working with Agile teams.
- Ability to work in a highly collaborative team environment.
PREFERRED EXPERIENCE/SKILLS:
- Master’s degree in science, technology, engineering, mathematics, computer science, economics, or related technical discipline
- AWS GovCloud experience is highly preferred.
- SAFe certification and experience are a plus.
- Experience working in IL4 or equivalent secure environments.
- Experience with security requirements in a federal IT environment, including FedRAMP-certified providers and FISMA requirements for acquiring an ATO.
- Experience working in a consultant/client environment