-
ID
#45987459 -
Job type
Permanent -
Salary
TBD -
Source
Apex Systems -
Date
2022-09-24 -
Deadline
2022-11-22
DevSecOps Consultant
Georgia, Atlanta, 30301 Atlanta USAPermanent
Vacancy expired!
- Attend client and team virtual meetings and, when required, on-site in-person meetings.
- Independent Verification and Validation (IV&V), Technology Assessment, Alternatives Analysis, Enterprise, and Conceptual Architectures, DevSecOps processes, and other services as directed by the client.
- Works on multiple projects simultaneously, interacting with all levels of staff and CDC OCIO and C/I/O stakeholders.
- Collaborate and understand stakeholders, external partners, and the project team needs and convey them to developers.
- Passion for increasing quality and driving business value while simultaneously decreasing the effort to get there by identifying manual DevOps processes that can be automated.
- Possess a bias for action when breaking down complex problems and tackling new technologies.
- Build tools to reduce errors and improve customer experience by supporting the goal of continuous update and development of code, making systems faster and better while ensuring that systems are safe and secure against cybersecurity threats.
- Develop an automated security framework for robust development of deployment tools, processes, and infrastructure leveraging various scripting languages and open-source solutions.
- Provide DevOps strategic objectives and tactical frameworks for CI/CD Agile development projects
- Support project team configuration and testing of CI/CD configurations based on continuous development and delivery of best practices and technical implementations.
- Define CI/CD work packages and assess the quality of the project team's work products.
- Conduct analysis or assessment of the current internal and external DevOps implementation and recommend automation to improve development and release processes, efficacy, timelines, etc.
- Guide development teams in designing, building, testing, and automatically deploying new or existing software.
- Improve best practices and code guidelines, and work with software developers and engineers to ensure that development follows established processes and works as intended.
- Test and examine code written by others, identify technical problems, analyze results, and make recommendations or automate processes.
- Plan out projects and be involved in project management decisions.
- Leverage agile project management methodology to accelerate strategic execution of implementation plans with bi-weekly sprints developed from a backlog of action items.
- Author or contribute to technical or white papers, enterprise reports, and presentations.
- Design procedures for system troubleshooting and maintenance.
- Provide Level 2 technical support and assist with root cause analysis.
- Develop software/scripts to integrate with internal, back-end systems and automate visualizations.
- Consider the organization's entire IT infrastructure when suggesting or making changes and improvements that enhance the client's IT infrastructure security protocols and contribute to the predictable deployment of software and infrastructure in the client's cloud infrastructure.
- Strong problem-solving attitude, collaborative team spirit, investigative mentality, decision-making ability, and strategic and associative thinking capacity.
- Highly developed interpersonal skills and self-motivation coupled with a high level of attention to detail and accuracy.
- Ability to appropriately target information across technical audiences, clients, and executive leaders.
- Share knowledge and thought leadership with the rest of the organization, including strategic technical direction and professional development opportunities.
- Bachelor's degree in Computer Science, Engineering, related field, or equivalent experience.
- 8+ years of progressive experience as a DevSecOps engineer or similar software engineering role working with developers, DevOps, and engineering teams in a dynamic environment to promote/implement the DevSecOps program throughout the organization.
- 5+ years of experience in data center infrastructure and cloud IaaS environments.
- Experience coordinating and performing vulnerability assessments using automated and manual tools (Tenable, NMAP, etc.).
- Experience with C/C programming and Bash, Ruby, Python, or other scripting languages.
- Working knowledge of SQL and databases (both structured and unstructured).
- Extensive experience with various DevSecOps automation and configuration management tools, such as Chef, Puppet, Ansible, Terraform, Git, GitHub, GitLab, Jenkins, TeamCity, TFS, Subversion, and Docker.
- Familiarity with Information Security Standards such as CIS, NIST, and RFC2196.
- Understand the security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, and Security and Monitoring tools.
- Familiarity with API, Container, and Cloud Security.
- Knowledge of PCI-DSS, HIPPA, SOX, GDPR, and CCPA standards and policies and the associated certification and audit processes.
- Auditing and Compliance certifications such as CISA, PCI-ISA, and PCIP.
- Familiarity with Amazon and Azure Policy, Configuration, and Security Management tools.
- Intimate familiarity with architecting solutions on cloud computing platforms such as Azure or AWS.
- Experience with security automation and machine learning.
- Experience configuring, implementing, and leveraging computer security and network diagnostic/monitoring tools.
- Knowledge of Windows and Linux patch management and related information security functions (authentication, IP tables, SSL, Ciphers, etc.).
- Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelines.
- Experience deploying monitoring and logging tools (e.g., WhatsUp Gold Nagios, PRTG, Splunk, etc.).
- Experience with containerization orchestration tools such as Kubernetes, Amazon ECS, Azure Container Services, and OpenShift.
- Thought leader on Continuous Integration & Continuous Delivery (CI/CD) software engineering process who can articulate how a given DevSecOps approach facilitates these practices to drive business goals.
- Strong qualitative and quantitative evaluation and analytical skills (experience in impact assessments preferable).
- Strong problem-solving skills, investigative mentality, decision-making ability, and strategic and associative thinking capacity.
- Excellent oral and written communications in English, including editing and proofreading skills, thought leadership, and formal presentation skills.
- Highly developed interpersonal skills and self-motivation coupled with a high level of attention to detail and accuracy.
- Business development experience, including leading or contributing to proposals.
- DevSecOps Certified Professional (DSOCP).
- CISM, CISSP, or other Security Certifications, and Foundation certifications in AWS and Azure.
- Professional certifications in AWS, Azure, and Google Cloud Platform.
- Solid knowledge base in one or more cloud service providers (AWS, Azure, Google Cloud Platform) advance concepts such as Serverless, Infrastructure as Code, containers, CI/CD pipelines, and Git repositories (such as Gitlab).
Vacancy expired!
Report job