We are looking for a Dev/Sec OPS Engineer Mid level SME to join our Washington DC team.
Department of Homeland Security (DHS), Headquarters (HQ) Enterprise Security Operations Center (ESOC) is a US Government program responsible to prevent, identify, contain and mitigate cyber threats to DHS enterprise networks. The DHS ESOC is responsible for the overall IT security of DHS Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed IT security violations.
Sharp Solutions, Inc. has an immediate need for a motivated Development Security Operations (DevSecOps) Engineer to support the DHS ESOC Program.
The DevSecOps Engineer will gather requirements, design, codify, integrate and implement secure solutions that support business functionality as well as the underlying infrastructure required to run and deploy those solutions.
- Develop, document, and implement CI/CD strategy for management of Infrastructure as Code (IaC) baseline
- Develop, document, and implement container management strategy to include management of container security and automated validation of immutable CI pipeline components for compliance with DHS 800-53 processes.
- Develop and document shared infrastructure component management strategy to provide consistent standardized container, OS, and application baselines for infrastructure components available through self-service.
- Identify requirements, develop, document, and implement branching strategy to support change management requirements while automating as much of the deployment process as practical in the (IaC) CI/CD pipeline.
Must Have One of the Following J3 Certifications
CASP, GCIH, GISF, GISP, GSSP, GICSP, GSSP, SEI, CISSP, CSSLP, SSCP, CCNP, CCNP Security, CCIE Security, CEH, ECSP, MCSE, RHCA, RHCE, VCP,VCAP, VCIX, VCDX, or Certified Splunk Architect
Must have an active Secret Level Clearance and in addition, be able to obtain a DHS EOD Clearance.
A minimum of 5 years of experience in Cyber Security.
2+ years of hands on experience in implementing/maintaining security in a CI/CD pipeline.
Experience in the design and automation of security tools and processes.
One of the following certifications:
CCSP, CCSK, CSSLP, CISSP, CEH or similar
In addition should have experience with the following:
- Writing and managing Ansible playbooks
- Managing templated deployments with Ansible Tower
- Managing IaC and cloud workloads deployed with CI tooling
- Building and managing CI frameworks
- Enterprise change management and federal compliance processes
- GitLab or comparable VCS
- Experience in the use and management of an OpenStack deployment across multiple data centers
- Experience with VMware & Satellite
- Experience working in an Agile environment
- Experience with NIST / STIG compliance of immutable infrastructure components
- Experience with PXE-less discovery provisioning to automate hardware / undercloud scalability
- Experience with data administration automating management of large (multi PB) S3 storage pools
SSi is an equal opportunity employer regardless of race, color, religion, creed, sex, marital status, national origin, disability, age, veteran status, on-the-job injury, sexual orientation, political affiliation or belief. Employment decisions are made without consideration of these or any other factors that employers are prohibited by law from considering. Any discriminatory action can be a cause for disciplinary action. SSi also prohibits discrimination against individuals with disabilities and will reasonably accommodate applicants with a disability, upon request, and will also ensure reasonable accommodation for employees with a disability. Veterans are encouraged to apply.