Site Reliability Engineer - DevSecOps with Security Clearance

---

Job description

Overview GovCIO is currently hiring for a DevSecOps / Site Reliability Engineer to support the U.S. Army Command, Control, Communications, Computers, Cyber, Intelligence, Surveillance and Reconnaissance (C5ISR) Center, which strives to make a positive impact for Soldiers by providing science and technology solutions within the Army Futures Command Combat Capabilities Development Command (DEVCOM). The successful candidate will work as part of a team to develop technologies the U.S. Army uses on platforms from Soldier to ground vehicle, and from Air to Space. The C5ISR Center ensures our forces have the capability to see, sense, communicate, and move faster than our adversaries. This position will be located at Aberdeen Proving Ground, MD and will be a remote position. Responsibilities The Innovation Exchange Lab is looking for someone to support their daily operations including: Perform daily infrastructure as code updates
Deployments to Kubernetes
Participate in design and code reviews and offer direction to ensure project scoping activities match architectural goals and specifications.
Document DevSecOps processes and ensure that the DevSecOps platforms are up to date and properly maintained.
Create, develop, and implement solutions to address infrastructure and security requirements
Identify the needs for build automation, designing, and implementing Continuous Integration/Continuous Delivery (CI/CD) solutions; Maintain GitLab pipelines
Support pushes to Kubernetes
Implement tools and technologies
Test new systems and applications
Automate key security processes
Create solutions for an efficient and secure organization Identify security holes and potential breaches
Develop security strategies and controls
Mitigate risks and vulnerabilities
Promote cybersecurity awareness
Comply with relevant standards and regulations
Monitor the overall network and security infrastructure Consult on DevSecOps requirements from diverse application/line of business partners
Create plug-and-play/reusable solutions and patterns for CICD pipelines
Create, develop, and implement automation and system integration for various build platforms
Publish and disseminate CICD best practices, patterns, and solutions
Ensure that the service's uptime and response time SLAs/OLAs are met or surpassed
Build or maintain CICD building blocks and shared libraries proactively for app and development teams to enable quicker build and deployment
Design action plans to address CICD platform/tools/solutions' shortcomings and difficulties
Actively participate in bridge calls with team members and contractors/vendors to prevent or quickly address problems
Troubleshoot, identify, and fix problems in the DevSecOps domain
Ensure incident tracking tools are updated in accordance with established norms and processes, gather all essential data and document any discoveries and concerns
Identify management concerns and problems, assess them, and offer prompt solutions and/or escalation
Align with technological Systems/Software Development Life Cycle (SDLC) processes and industry-standard service management principles (such as ITIL)
Create and publish engineering platforms and solutions Qualifications High School with 6 - 9 years (or commensurate experience) Clearance Required: Secret Clearance Interim Secret is acceptable Required Skills and Experience Comprehensive technical expertise in a variety of DevSecOps toolkits, including Dockers, Helm Chart, Artifactory, Jira, Sonarqube, Nexus repository, Kubernetes, Terraform, GitLab /Version Control Software, or comparable technologies
Docker/container knowledge
Experience deploying BigBang from Platform One or other helm charts with multiple services/workloads deployed programmatically with downtrace charts, and istio mesh integration and external ingress interoperability, such as Application Gateway and nginx private ingress controllers.
Knowledge of DevOps Automation (TerraForm, GitHub, GitHub Actions)
Knowledge of Prisma cloud, SIEM, SOC, Nessus, Crowd strike or similar services
Familiarity with API Security, Container Security, AWS Cloud Security and Azure Sentinel/Defender for Cloud
Knowledge of PCI-DSS, HIPPA, SOX, GDPR, and CCPA Standards and Policies and the associated certification and audit processes
Familiarity with Amazon AWS policy, configuration, and security management tools
Experience with security automation and machine learning
Proven capacity for thinking leadership and a highly creative problem-solver
Excellent analytical and interpersonal skills
Ability to express technical information clearly at different organizational levels
Communication and collaboration skills to work with other professionals to integrate security throughout the SDLC efficiently
Familiarity with information security frameworks, standards, and concepts of integrity, confidentiality, and availability
Strong understanding of the entire Software Development Lifecycle
Knowledge of best security practices and principles
8570.01-M Certifications: Security+ (or equivalent) Preferred Skills and Experience Preferred experience with Ansible and/or Jenkins is desired Company Overview GovCIO is a team of transformers people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens. But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer? We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets. Posted Pay Range The posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an "at-will position" and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department/team performance, and market factors. Posted Salary Range USD $125,000.00 - USD $150,000.00 /Yr.

<!– job description page –>