DevSecOps Engineer

Responsibilities

Evaluate, select, design, and configure security infrastructure systems in a global environment. Conduct internal audits, help mitigate findings and implement improvement measures. Identify, integrate, monitor, and improve infosec controls by acknowledged business processes. Works in tandem with the Information System Security Officer (ISSO), enhancing the security direction for the organization, including systems, networks, user services, and vendor development efforts. Install, configure, manage, and maintain enterprise applications and other technical controls. Define and implement this customer's build, deployment, and monitoring standards. A part of Agile development teams to deliver end-to-end automation of deployment, monitoring, and infrastructure management in a cloud environment; Build and configure delivery environments using an Agile delivery methodology; Create scripts and/or templates to automate and/or bootstrap infrastructure provisioning and management tasks; Working closely with the development team to create an automated continuous integration and continuous delivery system; Monitor all installed systems and infrastructure; Develop custom scripts to increase system efficiency and lower the human intervention time on any tasks; Install, configure, test and maintain operating systems, application software, and system management tools; Oversee the organization's security, backup, and redundancy strategies; Evaluate application performance, identify potential bottlenecks, develop solutions, and implement them with the help of developers: Troubleshoot security system and related issues. Assist with complex projects and ongoing security operations. Conduct network and system tests via simulation or other means to highlight and find any weaknesses that may be exploited. Assist in defining security standards and system reviews to conclude if they have been designed to comply with established security standards. Develop new standards as necessary. Core activities: monitoring and improving DevSecOps tools and processes. Design, implement, and evaluate security-focused tools, vulnerability management tools, and services. Conduct periodic Vulnerability assessments. Participate in incident handling and other related duties for the information security function.

Qualifications

Minimum Qualifications:

• Bachelor's degree and 10-12 years experience, or master's degree and 8-10 years experience, or PhD and 5-7 years experience.
• 2-3 Years of cloud experience (AWS, and/or Azure).
• Experience leading DevOps/DevSecOps implementation in large programs especially migrating legacy applications, reengineering, and automating systems to improve end-to-end software life cycle management utilizing automation.
• In-depth technical expertise in DevSecOps techniques, continuous integration; continuous testing; and continuous deployment; trade studies and analysis of alternatives; development of end-to-end solution deployment across environments.
• Conduct regular security scans, analyze results, and implement resolutions, including testing new hardware and software and ensuring compliance with DISA STIGs.
• Create, maintain, and implement detailed documentation and maintain standard operating procedures.
• Familiarity with multiple operating systems (Windows, Linux, etc.).
• Familiarity with at least one Relational Database Management System (Oracle, MySQL, PostgreSQL, SQL Server, etc.).
• Ability to think and act strategically; capable of working independently or collaboratively as part of a small team.
• TS/SCI clearance required

 

 

Preferred Qualifications: 

• 5+ years of experience with large-scale network design and deployment.
• Experience with CloudFormation, and Elasticsearch.
• Basic understanding of an Object-Oriented Programming Language, preferably Java or Python.
• Experience integrating Jenkins and Docker for automated CI/CD pipelines.
• Basic understanding of Kubernetes or OpenShift Container Platform.
• Global Skill Development Council -Certified DevOps Engineer/ DevOps Engineer or similar.
• Experience implementing DevSecOps for a large program using Agile, preferably SAFe, development methodology.
• Experience implementing DevSecOps for a Cloud-based system on a modernization program, ensuring existing applications and systems are modernized to satisfy legacy functional requirements.

Peraton Overview

Peraton drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world’s leading mission capability integrator and transformative enterprise IT provider, we deliver trusted and highly differentiated national security solutions and technologies that keep people safe and secure. Peraton serves as a valued partner to essential government agencies across the intelligence, space, cyber, defense, civilian, health, and state and local markets. Every day, our employees do the can’t be done, solving the most daunting challenges facing our customers.

Target Salary Range

$146,000 - $234,000. This represents the typical salary range for this position based on experience and other factors.