Sr. DevSecOps

3 weeks ago

Herndon, United States Navitas Full time
Job DescriptionJob Description

Security Engineer - DevSecOps

Herndon VA

SecretClearance

Position Overview:

Navitas Business Consulting is seeking a Sr.DevSecOps professional to support one of our Flagship contracts with over 6+years of experience and a strong background in implementing Kubernetes environments, plusexperience with DevOps methods and practices. This role would be a hybrid rolein our Herndon VA Offices. This role would require abackground test in Hacker-rank.

On-siterequirements are three days a week with occasional travel to Washington DC forrequired meetings.

Responsibilities:

· Performinginfrastructure security reviews, threat modeling, and risk analysis for systemsbuilt on AWS and deployed via infrastructure-as-code tools like AWSCloudFormation

· Implementingand managing security controls within AWS including IAM, VPCs, security groups,WAF, encryption, audit logging, etc.

· Performingstatic and dynamic analysis on source code using tools like Anchor/Grype,SonarQube, and Syft to catch security issues early

· Integratingsecurity tools like secrets management, SAST, DAST, and dependency scanninginto CI/CD pipelines in GitHub Enterprise and AWS CodePipeline

· Buildingand configuring hardened Linux server images using tools like Packer thatfollow security best practices

· Implementingsecurity monitoring and runtime protection for containers and services runningon AWS ECS

· Helpingdefine security requirements and compliance controls for regulated workloadsbuilt on AWS services like RDS Aurora

· Creatingand managing infrastructure security policies as code via tools like OpenPolicy Agent

· Triagingand resolving security issues, working with developers and ops teams toimplement fixes and improvements

· Keepingup-to-date with the latest cloud security best practices and threats


Preferred Experience:

· 5+years experience in an information, cloud, or infrastructure security role

· Deepknowledge of AWS security services and features

· Experiencewith infrastructure-as-code and configuration management tools like Ansible,Terraform, or CloudFormation

· Proficiencyin Linux administration and security best practices

· Knowledgeof container and orchestrator security (Docker, Kubernetes, ECS)

  • Sr. DevSecOps Engineer

    3 weeks ago

    Herndon, United States Acuity Full time

    Overview: Acuity is seeking a Sr. DevSecOps professional to support one of our Flagship contracts with over 6+ years of experience and a strong background in implementing Kubernetes environments, plus experience with DevOps methods and practices. Candidates MUST reside in DC or VA and be available to work onsite in Herndon, VA. On-site requirements are three...