DevSecOps Engineer
3 weeks ago
The DevSecOps engineer is a senior engineering role to help support, secure, manage and deploy solutions that support CyBourns clients' objectives. The role is highly technical, and candidates must possess a solid understanding of information security, cloud infrastructure, software and various reference architectures. The role also requires an understanding of clients' business goals, product strategy and operational requirements in a fast-paced environment. The DevSecOps engineer supports continuous integration and continuous deployment (CI/CD) initiatives and is an integrated team member working with software developers, product engineers, cybersecurity engineers and systems administrators. The DevSecOps engineer acts as a liaison with business stakeholders to understand the strategy and execution outlook. The role is heavily security-focused and ingrained in the CI/CD pipeline automation to deliver security and privacy by design principles and validation throughout the software lifecycle.
DevSecOps engineers have a strong work ethic, perform analytical and critical thinking, and are masterful at meeting change requests on demand. They are expected to work well with business units and possess superior listening and communication skills, in addition to expected technical expertise. DevSecOps engineers embody security-first principles, constantly assess the threat landscape and adapt quickly to manage enterprise risk, as well as integration, configuration and deployment requirements.
What you will do at CyBourn- Build relationships with developers, stakeholders and pod leaders to incorporate security principles into engineering design and deployments.
- Supervise implementation, testing and validation of application security controls across projects.
- Oversee implementation of defensive configurations and countermeasures across cloud infrastructure and applications.
- Draft and uphold Secure SDLC strategy and practices in tandem with other technical team leads.
- Recommend services and tools to enable developers and engineers to easily use security components produced by application security team members.
- Simplify automation that applies security inter-workings with CI/CD pipelines.
- Support the ability to shift left and incorporate security early on and throughout the development lifecycle including threat modeling and developer IDE security features.
- Assist prioritization of vulnerabilities identified in code through automated and manual assessments, and promote quick remediation.
- Communicate vulnerability results in a manner understood by technical and non-technical business units based on risk tolerance and threat to the business, and gain support through influential messaging.
- Join forces and provision security principles in architecture, infrastructure and code.
- Partner with CTOC to regularly research and learn new tactics, techniques and procedures (TTPs) in public and closed forums, and work with colleagues to assess risk and implement/validate controls as necessary through the CI/CD pipeline.
- Enrich DevOps architecture with security standards and best practices, promote baseline configuration and work to reduce drift.
- Partner with teams to define key performance indicators (KPIs), key risk indicators (KRIs) and distribute useful program metrics across business units.
- Perform other duties as assigned.
- At least 7+ years experience in information technology, information security administration or security operations.
- Experience working with development and infrastructure teams in agile workflows, including Scrum and Kanban.
- Understanding of containerized compute (e.g., Docker) and container orchestration (e.g., Docker Swarm, Kubernetes).
- Proficient in securing Windows and Unix operating systems, applications, networking protocols and devices under a baseline requirement framework.
- Experience with operations and security across Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP).
- Ability to obtain and maintain technical team and business support to influence a collaborative effort to reduce attack surface while performing rapid, continuous testing and implementation.
- Capable of scripting in Python, Bash or PowerShell.
- Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle (SLDC) and how to balance the recommendations of each against business priorities.
- Knowledge of Payment Card Industry (PCI), Gramm-Leach-Bliley Act (GLBA), National Institute of Standards (NIST) or Center for Internet Security (CIS) control requirements.
Are you looking for a new career opportunity that will help you achieve your professional goals and propel your career forward? Look no further than CyBourn
As a fast-growing and motivated company, we are on the lookout for talented individuals who want to be a part of our dynamic team. We are committed to investing in our employees' futures, providing them with the tools and resources needed to succeed and reach their full potential.
Joining CyBourn means that you will be part of an exciting journey towards success. We believe in providing our employees with a supportive and collaborative work environment, where they can grow and develop their skills while contributing to the success of our company.
We are seeking individuals who are driven, passionate, and excited about the world of cybersecurity. Whether you're an experienced professional or just starting your career, we welcome all applicants who share our values and are eager to learn and grow.
If you're ready to take the next step in your career and want to be a part of an exciting and growing company, consider joining CyBourn. We can't wait to hear from you and see how we can work together to achieve great things.
At CyBourn, we are committed to combining diversity, collaboration, and excellence. All qualified applicants will receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
#J-18808-Ljbffr-
DevSecOps Engineer
4 weeks ago
Washington, United States IBM Full timeIntroduction A career in IBM Consulting is rooted by long-term relationships and close collaboration with clients across the globe. You'll work with visionaries across multiple industries to improve the hybrid cloud and AI journey for the most innovative and valuable companies in the world. Your ability to accelerate impact and make meaningful change for...
-
DevSecOps Engineer
2 days ago
Washington, United States Mount Indie Full timeMount Indie is in search of a Sr. DevSecOps Engineer to join our dynamic team. As a DevSecOps Engineer, you will play a critical role in designing, implementing, and maintaining secure and efficient software development and deployment pipelines. You will collaborate with cross-functional teams to integrate security practices seamlessly into the development...
-
DevSecOps Engineer
2 weeks ago
Washington, United States Kingfisher Systems Full timeJob Description Job Description Kingfisher Systems, Inc. (Kingfisher) specializes in providing a full range of Information Technology, Cybersecurity, Intelligence, and support services to the U.S. Government. Kingfisher’s core competency is technology-enabled services with a specific focus on national security. Since 2005, Kingfisher has established itself...
-
DevSecOps Engineer
6 days ago
Washington, United States Kingfisher Systems Full timeKingfisher Systems, Inc. (Kingfisher) specializes in providing a full range of Information Technology, Cybersecurity, Intelligence, and support services to the U.S. Government. Kingfisher’s core competency is technology-enabled services with a specific focus on national security. Since 2005, Kingfisher has established itself as a recognized and trusted...
-
DevSecOps Engineer
2 weeks ago
Washington, United States Syntricate Technologies Full timeDevSecOps Engineer100% Remote12+ month contract with annual full-year contract renewalWeb Cam Interview Top Skill Requirements: DevSecOps Engineer BackgroundTerraform/IaCPythonGitlabNIST/securitySAST: (various tools you might see: Snyk, DefectDojo, & ArmorCode)DAST: (various tools you might see: Nexus & StackHawk)Responsibilities:Key Responsibilities:...
-
DevSecOps Engineer
1 month ago
Washington, United States Mount Indie Full timeMount Indie is in search of a Sr. DevSecOps Engineer to design, implement, and maintain secure and efficient CI/CD pipelines. Responsibilities: •Work across development, operations, and security teams to integrate security practices into the SDLC. •Provide design, implementation, and maintenance efforts to CI/CD pipelines, incorporating automated...
-
DevSecOps Engineer
4 weeks ago
Washington, United States Mount Indie Full timeMount Indie is in search of a Sr. DevSecOps Engineer to design, implement, and maintain secure and efficient CI/CD pipelines. Responsibilities: • Work across development, operations, and security teams to integrate security practices into the SDLC. • Provide design, implementation, and maintenance efforts to CI/CD pipelines, incorporating automated...
-
DevSecOps Engineer
4 days ago
Washington, United States Mount Indie Full timeMount Indie is in search of a Sr. DevSecOps Engineer to design, implement, and maintain secure and efficient CI/CD pipelines. Responsibilities: • Work across development, operations, and security teams to integrate security practices into the SDLC. • Provide design, implementation, and maintenance efforts to CI/CD pipelines, incorporating automated...
-
DevSecOps Engineer
2 weeks ago
Washington, United States Kingfisher Systems, Inc. Full timeJob DescriptionJob DescriptionKingfisher Systems, Inc. (Kingfisher) specializes in providing a full range of Information Technology, Cybersecurity, Intelligence, and support services to the U.S. Government. Kingfisher’s core competency is technology-enabled services with a specific focus on national security. Since 2005, Kingfisher has established itself...
-
DevSecOps Engineer
3 weeks ago
Washington, United States Kingfisher Systems, Inc. Full timeJob DescriptionJob DescriptionKingfisher Systems, Inc. (Kingfisher) specializes in providing a full range of Information Technology, Cybersecurity, Intelligence, and support services to the U.S. Government. Kingfisher’s core competency is technology-enabled services with a specific focus on national security. Since 2005, Kingfisher has established itself...
-
DevSecOps Engineer
4 weeks ago
Washington, United States Marathon TS Full timeMarathon TS is looking for a DevSecOps Engineer top support our federal client. You will be challenged as you solve complex problems, create and brief technical information and collaborate with various entities within the Intelligence Community. You will be responsible for managing cloud-based services, in particular with DevSecOps and continuous integration...
-
DevSecOps Engineer
4 weeks ago
Washington, United States Marathon TS Full timeMarathon TS is looking for a DevSecOps Engineer top support our federal client. You will be challenged as you solve complex problems, create and brief technical information and collaborate with various entities within the Intelligence Community. You will be responsible for managing cloud-based services, in particular with DevSecOps and continuous integration...
-
DevSecOps Platform Engineer
4 weeks ago
Washington, United States Motion Recruitment Partners LLC Full timeWe're partnered with one of the largest business consultancies in the world that is ramping up their Cloud Platform team. They are looking for a DevSecOps Platform Engineer to build out, secure, and integrate automation tools into their hybrid OnPrem/AWS environment. You will be responsible for developing and modifying pipelines and providing technical...
-
DevSecOps Engineer
1 month ago
Washington, United States Marathon TS Full timeMarathon TS is looking for a DevSecOps Engineer top support our federal client. You will be challenged as you solve complex problems, create and brief technical information and collaborate with various entities within the Intelligence Community. You will be responsible for managing cloud-based services, in particular with DevSecOps and continuous integration...
-
Senior DevSecOps Engineer
4 weeks ago
Washington, United States Copper River Family of Companies Full timeCopper River Cyber Solutions is seeking a Senior DevSecOps Engineerto join our team in support of a new contract at the Department of Health and Human Services Administration for Strategic Preparedness and Responsiveness. This position will be performed remotely with the occasional need for an onsite meeting in the Washington D.C. area. The Senior DevSecOps...
-
Senior DevSecOps Engineer
1 month ago
Washington, United States Copper River Management Company Full timeCopper River Cyber Solutions is seeking a Senior DevSecOps Engineerto join our team in support of a new contract at the Department of Health and Human Services Administration for Strategic Preparedness and Responsiveness. This position will be performed remotely with the occasional need for an onsite meeting in the Washington D.C. area.The Senior DevSecOps...
-
DevSecOps Engineer
3 days ago
Washington, United States Mount Indie Full timeJob DescriptionJob DescriptionMount Indie is in search of aSr.DevSecOps Engineer to join our dynamic team. As a DevSecOps Engineer, you will play a critical role in designing, implementing, and maintaining secure and efficient software development and deployment pipelines. You will collaborate with cross-functional teams to integrate security practices...
-
Senior DevSecOps Engineer
1 month ago
Washington, United States Copper River Family of Companies Full timeCopper River Cyber Solutions is seeking a Senior DevSecOps Engineerto join our team in support of a new contract at the Department of Health and Human Services Administration for Strategic Preparedness and Responsiveness. This position will be performed remotely with the occasional need for an onsite meeting in the Washington D.C. area. The Senior DevSecOps...
-
Senior DevSecOps Engineer
1 month ago
Washington, United States Copper River Family of Companies Full timeCopper River Cyber Solutions is seeking a Senior DevSecOps Engineerto join our team in support of a new contract at the Department of Health and Human Services Administration for Strategic Preparedness and Responsiveness. This position will be performed remotely with the occasional need for an onsite meeting in the Washington D.C. area. The Senior DevSecOps...
-
DevSecOps Engineer
1 month ago
Washington, United States TrueTandem Full timeCompany Description TrueTandem's mission is to be a trusted information technology solutions provider, committed to the success of our customers, communities and employees. To enable this mission, we listen to our customers’ needs, empower our dedicated and talented employees, envision success together, and deliver innovative cost-effective solutions. For...
