Sr. DevSecOps
3 weeks ago
Security Engineer - DevSecOps
Herndon VA
SecretClearance
Position Overview:
Navitas Business Consulting is seeking a Sr.DevSecOps professional to support one of our Flagship contracts with over 6+years of experience and a strong background in implementing Kubernetes environments, plusexperience with DevOps methods and practices. This role would be a hybrid rolein our Herndon VA Offices. This role would require abackground test in Hacker-rank.
On-siterequirements are three days a week with occasional travel to Washington DC forrequired meetings.
Responsibilities:
· Performinginfrastructure security reviews, threat modeling, and risk analysis for systemsbuilt on AWS and deployed via infrastructure-as-code tools like AWSCloudFormation
· Implementingand managing security controls within AWS including IAM, VPCs, security groups,WAF, encryption, audit logging, etc.
· Performingstatic and dynamic analysis on source code using tools like Anchor/Grype,SonarQube, and Syft to catch security issues early
· Integratingsecurity tools like secrets management, SAST, DAST, and dependency scanninginto CI/CD pipelines in GitHub Enterprise and AWS CodePipeline
· Buildingand configuring hardened Linux server images using tools like Packer thatfollow security best practices
· Implementingsecurity monitoring and runtime protection for containers and services runningon AWS ECS
· Helpingdefine security requirements and compliance controls for regulated workloadsbuilt on AWS services like RDS Aurora
· Creatingand managing infrastructure security policies as code via tools like OpenPolicy Agent
· Triagingand resolving security issues, working with developers and ops teams toimplement fixes and improvements
· Keepingup-to-date with the latest cloud security best practices and threats
Preferred Experience:
· 5+years experience in an information, cloud, or infrastructure security role
· Deepknowledge of AWS security services and features
· Experiencewith infrastructure-as-code and configuration management tools like Ansible,Terraform, or CloudFormation
· Proficiencyin Linux administration and security best practices
· Knowledgeof container and orchestrator security (Docker, Kubernetes, ECS)
-
Sr. DevSecOps Engineer
3 weeks ago
Herndon, United States Acuity Full timeOverview: Acuity is seeking a Sr. DevSecOps professional to support one of our Flagship contracts with over 6+ years of experience and a strong background in implementing Kubernetes environments, plus experience with DevOps methods and practices. Candidates MUST reside in DC or VA and be available to work onsite in Herndon, VA. On-site requirements are three...