ASM has an amazing opportunity for a passionate individual to join our Vulnerability Management Team as a Container Security Lead Engineer. This position involves leading the effort and establishing a container vulnerability management program to secure applications across multiple tenants. The selected individual is expected to gather, analyze, and prioritize the vulnerabilities and risks with a combination of existing COT tools and tools he or she will either develop and/or procure. The selected individual will also have a direct hand in the development of a secure build pipeline to reduce the feedback loop between security and developers. The selected individual will be expected to develop against the program software development lifecycle (SDLC) standards and work with other operational teams and systems to aid in their day-to-day activities. The selected individual will be expected to track metrics and notify leadership with risks and blockers. As part of this team, you will have an opportunity to provide a significant positive impact to the mission of migrating mission critical business applications for our customer. The selected individual will mentor not only those on his/her team but also others across other technical teams. This job description is not designed to cover or contain a comprehensive listing of all activities, duties or responsibilities that are required of the employee. Duties, responsibilities, and activities may change, or new ones may be assigned at any time with or without notice. Minimum Skills and Qualifications: + Knowledge of NIST 800-53 and other industry standard publications. + Experience developing and testing automation software to deploy the container platform. + 1 year experience with CI/CD DevOps deployment tools such as Ansible, Jenkins, Maven, Gitlab. + 1 year experience with Containerized environments such as Docker, Podman, OpenShift, and K8s. + 1 year experience with Container Vulnerability Scanning tools such as Docker Scout, Redhat Advanced Cluster Security, Snyk, AquaSec + Experience developing detailed technical plans and presenting plans to all levels of the organization. + Hands-on experience with scripting using shell, Perl or Python is required. + Working knowledge of container constructs in the Linux kernel (namespaces, SELinux, etc.) is required. + Excellent written and verbal communication skills + Can operate under limited supervision and is able to navigate through challenges independently. Preferred Skills and Qualifications: + Experience with the vulnerability management lifecycle. + Experience developing and testing automation software to deploy the container platform. + 3 years experience with CI/CD DevOps deployment tools such as Ansible, Jenkins, Maven, Gitlab. + 3 years experience with Containerized environments such as Docker, Podman, OpenShift, and K8s. + 2 years experience with Container Vulnerability Scanning tools such as Docker Scout, Redhat Advanced Cluster Security, Snyk, AquaSec + Bachelor’s Degree in Computer Science or a related field or equivalent experience of 5 to 10 years in system security **Compensation Ranges** Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees. **EEO Requirements** It is the policy of ASM that an individual's race, color, religion, sex, disability, age, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies. All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, disability, or age. All decisions on employment are made to abide by the principle of equal employment. Physical Requirements The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. (For example, "light office duties' or "lifting up to 50 pounds" or "some travel" required.) Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions. **Disclaimer** The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job. 74,300 - 122,600 EEO Requirements It is the policy of ASM that an individual's race, color, religion, sex, disability, age, gender identity, veteran status, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies. All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, veteran status, disability, gender identity, or age. All decisions on employment are made to abide by the principle of equal employment.