DevSecOps Engineer
Information Technology --> Information Technology
Core4ce is looking to hire a DevSecOps Engineer to join the team.
Responsibilities
- Actively engage with fellow team members to build proficiency in platform operations. This includes, but is not limited to:
- Shadowing with senior team members.
- Attend all team meetings and meetings with customers to understand platform and application requirements.
- Maintain a proper balance of troubleshooting problems encountered and reaching out to other teammates to assist.
- Taking on sprint tasks and completing them with minimal supervision.
- Building a strong understanding of the DevOps platform and our integrated toolsets.
- Regularly reviewing our base image library for new updates and vulnerabilities and updating images as necessary to address findings.
- Reviewing our CI catalog to understand toolsets available to ensure they remain up-to-date and relevant. New tools/templates should be explored to fill gaps as needed.
- Support Continuous Integration/Continuous Deployment (CI/CD) pipelines to ensure efficient and reliable code deployment.
- Participate in on-call rotations to help maintain system uptime.
Requirements
- At least 10 years of IT experience and at least 3 years of direct DevSecOps and/or containerization experience.
- Understanding of Kubernetes and containerization technologies.
- Basic understanding of Linux/Unix systems and command-line operations.
- Strong knowledge of scripting languages like Python and Bash.
- Strong knowledge of CI/CD pipeline associated files (i.e. json, yaml, etc.).
- Knowledge of CI/CD tools, preferably Gitlab.
- Familiarity with security scanning tools and vulnerability assessment tools used in container and software development environments (e.g., SAST/DAST, Red Hat ACS/Stackrox, Trivy, X-Ray, OpenSCAP).
- Experience with cloud platforms (AWS, Azure) and their native DevSecOps tools and other Cloud Native Services.
· Knowledge of container orchestration platforms, especially Kubernetes, including security configurations and best practices.
· Understanding of microservices architecture and its implications for security.
· Adept at using version control systems, especially Git.
· Experience in automating security testing as part of the CI/CD pipeline.
· Strong drive and willingness to learn new technologies and systems.
· Excellent communication skills and a collaborative mindset.
- DoD 8570 IAT Level II Certifications Requirements or the ability to obtain those certifications within 3 months of employment.
- Ability to obtain the Certified Kubernetes Administrator or Developer certification within 3-6 months.
- Secret Clearance or ability to obtain
Preferred
- Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or related field, with an emphasis on security.
- Familiarity with compliance standards such as the DoD DISA STIGs, CIS Benchmarks, and Vendor Hardening Guides.
- Prior experience in a regulated industry, especially in government or defense sectors.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), national origin, disability, veteran status, age, genetic information, or other legally protected status.