DevSecOps Engineer
Job Description
Category | Software Engineer | Position Type | Regular Full-Time |
Scientific Research Corporation is an advanced information technology and engineering company that provides innovative products and services to government and private industry, as well as independent institutions. At the core of our capabilities is a seasoned team of highly skilled engineers and scientists with multidisciplinary backgrounds. This team is challenged daily to provide cutting edge technology solutions to our clients.
SRC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with a company match, life insurance, vacation and sick paid time off accruals starting at 10 days of vacation and 5 days of sick leave annually, 11 paid holidays, tuition reimbursement, and a work environment that encourages excellence and more. For positions requiring a security clearance, selected applicants will be subject to a government security investigation and must meet eligibility requirements for access to classified information.
- Bachelors Degree in Information Systems or similar degree
- 5+ years experience with or knowledge of DEVSECOPS Principles, to include any experience being part of an Agile or Extreme Programming development team
- Certification in Linux such as Linux+, RHCSA. Background in Linux system admin is required
- 1+ years experience in CI/CD pipeline workflow management necessary, to include proficiency in Git, Bash, automation methodologies, and cloud native apps
- Experience creating a ization platform to deploy and maintain applications
- Experience utilizing OpenShift on AWS, managing app deployment and full lifecycles
- Experience managing/administering web server architecture including Apache Tomcat on a RHEL O/S
- Experience working with two or more of the following development components: GIT, Fortify, SonarQube, Chef, Docker, Podman, OpenShift, Kubernetes, Helm, Tekton, and F5 APM
- Expert knowledge with Windows and RHEL administration, in-depth knowledge of RHEL and Windows-based distros. Familiarity with a multitude of OSS tools and utilities for managing, monitoring and troubleshooting Linux infrastructure and networks
- 5+ years experience administering servers, backup operations, and systems monitoring in multiple and complex network server environments
- 2+ Experience administering Atlassian suite in cloud environment, as well as understanding of JIRA user workflows for trouble tickets and project management
- Experience with automation tools including PowerShell, Ansible, and ScriptRunner.
- 2+ years experience working with identity access management platforms, especially with security policies, multi-factor authentication mechanisms, DoD certificate exchange, and zero-trust design models
- Ability to work and advise multiple cross-domain teams, manage conflict, and communicate both very technically and to a layman
- Experience and understanding of network design and troubleshooting as it applies to interoperability of security systems with the network
- 5+ years experience with Data Center migrations, server upgrades, O/S, or firmware patching
- Experience configuring, deploying, managing, and maintaining security equipment and related applications and platforms
- Experience with business continuity and disaster recovery; install new / rebuild existing servers and configure hardware, peripherals, services, settings, directories, storage, etc.
- Experience with web technologies such as HTML4/5, XML, SOAP and SOAPUI
- Experience with middleware technologies RabbitMQ, Java runtime, and/or .NET runtime
- Experience using configuration management systems such as GIT, Apache SVN, or AWS CodeCommit
- Experience with network analysis software such as SD Elements, Splunk, Sniffer, Wireshark, or Microsoft Network Monitor
- 5+ years of system administration experience in Windows Server 2016, Windows 10, Red Hat Enterprise Linux (RHEL), VMware products (e.g. vSphere Client, vROPS Manager) and networking equipment
- Experience with DoD security implementation (e.g. STIG) and security tools including HBSS & ACAS
- Self-starter that requires minimal direction and supervision; is open to new ideas, and is a creative and flexible individual who is comfortable working in a large, dynamic, and complex organization
- Strong verbal and written communication skills, ability to thrive in a diverse, fast-changing environment
- Ensuring system platform supports developer software tools for DoD and IC community and that developer pipeline tools are functioning and communicating in accordance with Federal, Department of Defense (DoD), and Intelligence Community (IC) policy
- Performing system administration for enterprise software applications on a regular upgrade cycle, ensure DoD users have availability for development software tools and workflow apps in a DevSecOps pipeline
- Developing and assisting design of the security interfaces, security interconnections, and the trust relationship between system components and external systems.
- Implementing system security designs using commercial-off-the-shelf (COTS), government-off- the-shelf (GOTS), and open-source hardware and software
- Overseeing the hardening and configuration systems and system components in accordance with various Federal, DoD, and IC guidance
- Managing security assessments of systems and system components using industry standard automated vulnerability scanning tools; vulnerability scanning tools may include Tenable Nessus and Security Content Automation Protocol (SCAP)
- Coordinating with cyber on security assessments to identify security control failures and recommend corrective actions
[#LI-JC1]
SRC IS A CONTRACTOR FOR THE U.S. GOVERNMENT, THIS POSITION WILL REQUIRE U.S. CITIZENSHIP AS WELL AS, A U.S. GOVERNMENT SECURITY CLEARANCE AT THE SECRET LEVEL WITH TOP SECRET / SCI ELIGIBILITY
- No travel required
We strongly believe in the abundance of differences among individuals. We value different points of view and appreciate diverse perspectives. We truly believe this is what makes our organization inclusive and more responsive to the needs of our diverse customers.
Scientific Research Corporation is an equal opportunity and affirmative action employer that does not discriminate in employment.
All qualified applicants will receive consideration for employment without regard to their race, color, religion, sex, age, sexual orientation, gender identity, or national origin, disability or protected veteran status.
Scientific Research Corporation endeavors to make www.scires.com accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact jobs@scires.com for assistance. This contact information is for accommodation requests only and cannot be used to inquire about the status of applications.
*Please mention you saw this ad on AcademeCareers.*