Title:
DevSecOps Engineer - Mid-LevelKBR is seeking a highly motivated Development Security Operations Engineer (DevSecOps) to join our team. The successful candidate will incorporate a range of software and analytical tools to support execution of workflows supporting Commercial Cloud Services (C2S). The candidate will develop methods to incorporate large intelligence collection data that supports collection assessments and analysis. Candidate will work as part of an integrated team in direct support of the US Government customer, FFRDC and other SETA team members in a professional work environment.
Responsibilities:
Implement and automate cloud-based security controls, governance processes and compliance validation. Supports application accreditation with requisite design and documentation.
Designs, manages, and maintains a stable and efficient infrastructure to optimize service delivery across production, test and development environments in the cloud throughout the development lifecycle.
Designs, builds and maintains a stable and efficient infrastructure to optimize service delivery across production, test and development environments in the cloud throughout the development lifecycle.
Implement security scanning and vulnerability management processes.
Manage and optimize GitHub repositories and workflows.
Collaborate with software development and operations teams to integrate security practices.
Troubleshoot and resolve issues related to pipeline automation and security.
Ensure compliance with security policies and procedures.
Minimum Qualifications:
Bachelor’s degree
5 years of DevSecOps experience
Technical skills, knowledge and experience to accomplish work with minimal oversight
Demonstrated ability to effectively communicate verbally and in writing
Clearly and concisely express multifaceted concepts
Develop ideas in a logical sequence leading to a validated conclusion
Knowledge/experience of deployment/configuration management tools like Jenkins, Maven, Puppet, or Ansible
Utilize version control tools like GIT, Bitbucket, SVN or CVS
Experience with network infrastructure, database, cloud and data center operations, and security protocols.
Strong knowledge of Linux and Windows OS
Familiar with AWS and other cloud services
Experience with programming and scripting languages like Python, Peri, Bash, PHO, Java, Angular, SQL, Postgress, C++, or C#
Strong knowledge of security scanning tools and practices.
Excellent problem-solving and troubleshooting skills.
Strong communication and collaboration abilities.
Desired Qualifications:
Master’s of Science degree
Experience with end-to-end components of software tools
Experience packaging for Windows Server and Linux distributions including automating software template generation, configuring environments and tools, and packaging for installation
Experience designing and deploying frameworks with IT automation tools
Experience with security frameworks and Risk Management Framework (RMF) process
Experience with DoD Authority to Operate (ATO) processes
8570 IAT II compliant certification such as Security+
Certified Information Systems Security Professional (CISSP)
Experience with collection management and data flows
Relevant certifications (e.g., AWS Certified DevOps Engineer, Certified Kubernetes Administrator).
Knowledge of compliance frameworks and security standards.
Security Requirements: Must have an active TS-SCI with a current Poly
KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.