DevSecOps Lead
Washington, D.C.
Applications have closed
XOR Security is currently seeking talented Development Security Operations (DevSecOps) Lead to support the DHS ESOC Program.
- Team Lead of a small DevSecOps team
- Develop, document, and implement CI/CD strategy for management of Infrastructure as Code (IaC) baseline
- Develop and document shared infrastructure component management strategy to provide consistent standardized container, OS, and application baselines for infrastructure components available through self-service
- Identify requirements, develop, document, and implement branching strategy to support change management requirements while automating as much of the deployment process as practical in the (IaC) CI/CD pipeline.ie. Selenium, Prometheus or Cucumber or various DevSecOps functioning to include system debugging.
- Review, debug, and resolve technical issues throughout all stages of SDLC
- Assist with process development and process improvement for Security Operations to include creation/modification of SOPs, Playbooks, and Work instructions
- Measure effectiveness of process improvement and automation efforts via metrics and KPIs
- Leading a team in a rapidly changing environment; seeking diverse views; coaching staff providing timely and meaningful feedback.
- Perform integration activities to connect with 3rd party software APIs
- Design, implement, and maintain efficient and reusable Python code
- Work with stakeholders to develop requirements and deliverables
- Communicates with project manager on a frequent basis. Identifies tasks and issues that may have an impact on service levels or schedules. Provides realistic task and cost estimates.
- Maintains a current and working knowledge of IT development methodology, architecture design, and technical standards. Mentors IT staff and identifies training needs. As new standards are instituted, ensures their usage by team members.
- Communicates with other technical leads, IT groups, and clients so they understand the project's technical implications, dependencies, and potential conflicts. Evaluates the impacts of change requests on own/shared technologies and effectively persuades and influences others on ideas.
- Reviews and approves documentation and diagrams created by IT team members (e.g., system specifications). Writes documentation, including technical standards and processes.
- Ability to enable simplification and efficiencies by identifying opportunities to leverage systems and investments across business areas and territories.
- CASP, GCIH, GCWN, GISF, GISP, GSSP, GICSP, GSSP, SEI, CISSP, CSSLP, SSCP, CCNP, CCNP Security, CCIE Security, CEH, ECSP, MCSE, RHCA, RHCE, VCP, VCAP, VCIX, VCDX, Splunk Enterprise Certified Architect
Basic Qualifications:
-Experience leading teams in a rapidly changing environment; seeking diverse views; coaching staff providing timely and meaningful feedback.
-Experience with VMware & Ansible/Ansible Tower
-Extensive experience in design and automation of security tools and processes
-Extensive experience in development, APIs, and scripting language support
-Experience implementing and maintaining services in a CI/CD pipeline
-Experience working in an Agile development environment
-Working knowledge of REST APIs, JSON, HTML/CSS, Javascript, XML
-Department of Homeland Security ESOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
-Communicates with project manager on a frequent basis. Identifies tasks and issues that may have an impact on service levels or schedules. Provides realistic task and cost estimates.
-Maintains a current and working knowledge of IT development methodology, architecture design, and technical standards. Mentors IT staff and identifies training needs. As new standards are instituted, ensures their usage by team members.
-Communicates with other technical leads, IT groups, and clients so they understand the project's technical implications, dependencies, and potential conflicts. Evaluates the impacts of change requests on own/shared technologies and effectively persuades and influences others on ideas.
-Reviews and approves documentation and diagrams created by IT team members (e.g., system specifications). Writes documentation, including technical standards and processes.
-Ability to enable simplification and efficiencies by identifying opportunities to leverage systems and investments across business areas and territories.
Desired Qualifications:
-Experience with data administration such as S3 storage pools
-Experience working in AWS and Azure
-Experience with SOAR platforms such as Swimlane, Phantom, Demisto, etc.
-Experience as a SOC Analyst and/or Incident Responder
-Authoring SOC SOPs, playbooks, work instructions and/or other process documents
-Working knowledge of Java
Closing Statement:
XOR Security offers a very competitive benefits package including health insurance coverage from first day of employment, 401k with a vested company match, vacation and supplemental insurance benefits.
XOR Security is an Equal Opportunity Employer (EOE). M/F/D/V.
Citizenship Clearance Requirement
Applicants selected may be subject to a government security investigation and must meet eligibility requirements - US CITIZENSHIP REQUIRED
Tags: Agile Ansible APIs Automation AWS Azure CASP+ CCNP CEH CI/CD CISSP Clearance DevSecOps GCIH GICSP Java JavaScript JSON KPIs Prometheus Python S3 Scripting SDLC SOAR Splunk SSCP Strategy VMware XML
Perks/benefits: 401(k) matching Health care
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Information Security Specialist jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open Kubernetes-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open CEH-related jobs