at General Dynamics Information Technology in Bossier City, Louisiana, United States
Type of Requisition: Regular
Clearance Level Must Be Able to Obtain: None
Public Trust/Other Required: NACI (T1)
Job Family: Cloud
Our Cloud Platform team is looking for a Senior DevSecOps Engineer to join our team and support the National Institutes of Allergy and Infectious Diseases (NIAID).
We are looking for a highly motivated engineer who wants to solve tough technical challenges and learn and incorporate new technologies into their skillset. You will work with platform engineers, innovation teams, and developers on secure best practices in Infrastructure as Code (IaC), cloud design patterns and CI/CD workflows.
+ Build and implement security controls for our platform and infrastructure, with a focus on automating security and compliance
+ Design, develop, test, deploy, maintain and improve DevSecOps Pipelines
+ Conduct design, process, and infrastructure/security reviews
+ Help identify security threat models and make suggestions for improvements
+ Assist with application team onboarding efforts
+ Assist with customer communications around security concerns or questions
+ Educate team members about Security and Privacy, including security/privacy practices, principles, and infrastructure security practices
+ Provide support with security incidents, helping the team prioritize and remediate appropriately
+ Serve as a consultant to team members on security vulnerabilities and their corresponding remediations, ensuring security vulnerability scan outputs are reviewed and appropriate actions are taken
+ Support and contribute to business security requirements, such as the creation of security policies, procedures, and processes
+ Participate in all team planning, product demonstrations, and team retrospectives
+ May serve as task lead
Required Qualifications and Skills:
+ BA/BS (or equivalent experience) and 10 years of related IT experience
+ Strong experience securing infrastructure in AWS via automation
+ Hands-on security experience, with in-depth knowledge of security, scaling in the cloud, and software engineering practices
+ Strong experience implementing security monitoring, logging, and alerting (AWS GuardDuty, AWS Inspector, AWS Security Hub, Network Firewall Manager, Splunk, CloudWatch, etc.)
+ Experience with network and system security tools in the Cloud, including network firewalls, Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), anti-malware, vulnerability scanning, encryption, monitoring, and Identity, Credential, and Access Management
+ Experience with third-party or cloud native SIEM systems, threat intelligence platforms, security automation, orchestration solutions, IDS/IPS, file integrity monitoring (FIM), and Data Loss Prevention (DLP)
+ Experience with securing containerized environments (Docker, Kubernetes)
+ Experience with implementing security measures as Infrastructure as Code (Terraform)
+ Strong experience with embedding security into Continuous Integration (CI)/Continuous Delivery pipelines
+ Experience building, scaling, and automating infrastructure vulnerability management programs and tools
+ Experience with Agile development methodology
+ Must be able to obtain/maintain a Public Trust
Preferred Qualifications and Skills:
+ Experience with implementation of FISMA compliance security controls, including compliance with CIS and NIST 800-53 benchmarks
+ Experience securing immutable AMIs/containers
+ Working knowledge of standard data storage formats and abstractions, including YAML, JSON, XML
+ Experience with database technologies, e.g. SQL, NoSQL.
+ Experience supporting compliance efforts
+ Experience with software vulnerabilities, how CVEs are reported, and how they relate to specific system packages and remediations
+ Experience with cloud APIs and securing REST APIs.
This position requires being fully vaccinated against COVID-19 by January 18, 2022 or the start date, if after January 18. Individuals who work in or reside in Texas or Montana or work outside of the United States may be excluded from this requirement.
We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.
GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.