Resumo da vaga

DevOps Engineer (Secret Clearance)

Requisitos e responsabilidades

Conteúdo da vaga extraído em seções para revisão mais rápida.

Details

  • Security Integration – Implement andmaintainsecurity controls throughout the development pipeline, ensuring security is embedded in every phase of the software development lifecycle.
  • Compliance Management – Collaborate with Information System Security Officers (ISSOs) to review Security Technical Implementation Guides (STIGs) and support Authority to Operate (ATO) processes, ensuring compliance with security standards and regulatory requirements.
  • CI/CD Pipeline Security – Design, implement, andmaintainsecure CI/CD pipelines with automated security testing, vulnerability scanning, and compliance checks integrated into deployment workflows.
  • Scrum Process Participation – Activelyparticipatein Scrum ceremonies, including sprint planning, daily standups, sprint reviews, and retrospectives, whileprovidingsecurity guidance and effort estimates for security-related tasks.
  • Vulnerability Management – Conduct regular security assessments, vulnerability scans, and penetration testing, while coordinating remediation efforts with development teams.
  • Infrastructure as Code (IaC) – Develop andmaintainsecure infrastructure configurations using Infrastructure as Code principles with automated security policy enforcement.
  • Security Monitoring – Implement and manage security monitoring tools, logging systems, and incident response procedures to detect and respond to security threats in real time.
  • Risk Assessment – Perform security risk assessments, threat modeling, and security architecture reviews toidentifyand mitigate potential vulnerabilities.
  • Documentation and Training – Create security documentation, procedures, and training materials whilemaintainingcompliance artifacts for audit purposes.
  • Required: 4 years of experience +Bachelor’sdegree, or 8 years of experience
  • Preferred: DoD Secret clearance or equivalent
  • IAT Level II certificationrequired (e.g., Security+ CE, CCNA-Security, GSEC, GICSP, SSCP,CySA+, or other DoD 8570.01-M / DoD 8140 approved certifications at IAT Level II)
  • AWS -Experience specifically with AWS CDK and processes (preferred)
  • DevSecOpsExpertise — Strong experience inDevSecOpspractices, security automation, and secure software development within enterprise environments.
  • Scrum Methodology — Deep understanding of Scrum principles and Agile development practices, including integrating security requirements into sprint planning and user story development.
  • Security Standards Knowledge — Extensive knowledge of STIGs, NIST frameworks, ATO processes, and federal security compliance requirements, with experience working alongside ISSOs and security teams. Hands-on experience with ATO and STIG maintenance and renewal is preferred.
  • CI/CD and Automation — Proficiency with CI/CD tools, with GitLab CI preferred, as well as containerization technologies including Docker and Kubernetes, and automation platforms such as Terraform, Ansible, and CloudFormation.
  • Cloud Security — Experience with cloud security platforms and cloud-native security tools, with AWS Security Hub preferred. Familiarity with multi-cloud security strategies andadditionalplatforms (Azure Security Center, Google Cloud Security) is a plus.
  • Programming and Scripting — Proficiency in scripting languages, JavaScript (is preferred), Bash, and PowerShell, with experience using security testing frameworks and static/dynamic analysis tools.
  • Security Tools — Experience with vulnerability scanners (Nessus, OpenVAS), SAST/DAST tools, container security scanning solutions, and security orchestration platforms.
  • Communication and Collaboration — Excellent communication skills with the ability to work effectively across cross-functional Scrum teams, security officers, compliance teams, and stakeholders in fast-paced development environments.
Vagas similares

Mantenha uma lista reserva.

Ver stack
FocoDevSecOps EngineerÁrea da vaga
Sinal de senioridadeMiddleNível do candidato
StackAWS, Azure, CI/CDSkills principais
Localização1 país aceitoElegibilidade

Stack

Use estas tags para comparar vagas remotas similares.

Elegibilidade de localização

Candidatos devem aplicar apenas quando o país do perfil estiver listado aqui.

Seu perfilPaís não definidoEntre para comparar seu país com esta vaga.

Fluxo de contratação

O WithMira mostra a vaga e depois envia candidatos para a aplicação da empresa.

1Confira fit da vaga, stack e elegibilidade de localização no WithMira.
2Abra a página de aplicação da empresa pelo link rastreado.
3Salve a vaga ou assine oportunidades similares antes de sair.