DevSecOps Manager

Vacancy expired!

DevSecOps Manager

Location: Vienna, VA (remote work optional)

Department: FTC Corporate/ Operations Team

Type: Full Time

Minimum Experience: Experienced

Security Clearance Level: Ability to successfully pass a thorough background investigation and to start with either an interim clearance or no clearance. The clearance level stated above must be met for consideration for this specific opportunity. Unfortunately, FTC is unable to sponsor at this time.

Military Veterans are highly encouraged to apply!

Favor TechConsulting, LLC (FTC) is seeking a talented DevSecOps Manager to support our operations overhead team.

Essential Duties & Responsibilities

Role Overview:

Favor TechConsulting, LLC (FTC) is seeking a talented

Senior DevSecOps Manager who is creative, client focused, and has strong technical aptitude combined with a track record of successful technical software delivery within the health information industry. This position is for an experienced

Senior DevSecOps Manager to provide leadership to the DevSecOps practice within our firm. This position will provide cutting edge solutions when it comes to rapid delivery of modern, user-first, scalable and data intensive services for government agencies. Seeking a highly experienced candidate with significant and varied experience leading agile development and DevSecOps programs within large Federal Government programs. The

Senior DevSecOps Manager will be responsible for driving the secure automation of building, testing and deployment for applications, platforms, and infrastructure using Infrastructure as Code (IaC). You will work with other cloud engineers, developers, and stakeholders to understand product and business needs, provide expertise around application and cloud service development, as well as define and own clear guardrails, alerts, and Security as Code (SaC) deployments to provide 24/7 protection from malicious traffic, vulnerabilities and other attack vectors. We are looking for the candidate to support and fine tune active development contracts, and lead and bolster our DevSecOps practice area across our corporate portfolio to aid with business development, organic growth, and tech challenges for new opportunities.

Responsibilities:

• Provide leadership to the DevSecOps practice within our firm by bringing varied and advanced industry experience and knowledge of the latest technologies, processes, and trends around Cloud infrastructure, IaaS, SaaS, and CI/CD practices and tools.
• Assess current capabilities and build out and bolster our corporate DevSecOps capabilities and practices to aid current contracts and better position our firm for new opportunities.
• Support and advise AppDev teams as needed to improve and optimize Infrastructure and Application builds and release pipelines using the CI/CD practices and tools. Assist teams as needed to enhance their pipelines such as incorporating automated change and release management requirements.
• Support, advise, and integrate with corporate Business Development and Operations teams to aid with organic growth and new opportunities. Support solutions group for proposal writing, and also lead and actively participate on Government-issued tech challenges required for new opportunities.
• Act as senior AppDev manager when needed to dive into project work and aid with problematic programs with insufficient DevSecOps processes, assess gaps and/or customer issues, and identify and implement corrective action.

Required Skills & Experience

• Experience leading large scale Federal agile and DevSecOps programs.
• Exceptional customer management skills and client-facing and internal communication skills
• Extensive Cloud services knowledge: AWS, Microsoft Azure
• Experience building Infrastructure and Application build and release pipelines using the CI/CD tooling platforms, and developing automated change and release management requirements.
• Significant experience with implementing foundational Agile development principles and practices within App Dev programs and organizations.
• Experience supporting BD and solutioning teams in support of new and organic growth opportunities, to include proposal writing and solutioning, and leading Government-sponsored tech challenges.
• Bring a culture of continuous improvement and security focus to development practices.
• Provide expertise and best practices for implementing cloud security (internal) and product security (external)
• Assess architectures and designs for security vulnerabilities and suggest and implement proper alternatives
• Oversee the management and remediation of identified security flaws within our development platforms
• Build and maintain monitoring, auditing, and reporting frameworks that produces artifacts that support security and compliance needs
• Build and maintain a set of tools that enable developers to self-serve for most operational tasks
• Develop processes that produce artifacts that support security and compliance requirements
• Support business development activities through participation and leadership roles in coding challenges / hackathons, and development of content for proposals
• Excellent written, verbal, and meeting facilitation skills
• Background as a Software Engineer, Site Reliability Engineer, or DevOps Engineer for at least three years
• Intermediate level knowledge of principles, theories, and concepts of Cybersecurity typically obtained through advanced education combined with experience.
• Background in supporting a 24x7x365 Software based System
• Background in supporting Incident Management for a software-based system.
• Background in supporting a team running a trouble ticket system.
• Background in supporting an operations team
• Demonstrated success using modern DevSecOps methods and tools including automated testing tools and monitoring tools.
• Demonstrated ability to drive frequent release cycles (daily / weekly)
• Demonstrated knowledge and use of modern software development and DevSecOps tools with focus on AWS of Azure DevSeOps suite and implementation of automated pipelines in a cloud environment
• Demonstrated successful release/delivery management on large-scale deployments
• Demonstrated knowledge of security best practices for client-server and web based application product architectures, focusing predominantly on cloud-based server development
• Demonstrated knowledge of AWS systems, including EC2, IAM, CloudWatch, CloudTrail, Config, Lambda, Security Groups, VPCs, WAF, Guard Duty, Inspector, etc.
• Demonstrated programming or scripting experience with a popular modern language utilized by above tools (Java, JavaScript, Python, Ruby, etc.)
• Extensive shell scripting experience on Unix/Linux and Windows platforms
• Demonstrated ability using multiple IDEs like Eclipse and visual studio
• Demonstrated knowledge of Logging & Monitoring tools: ELK, Grafana, DataDog, Prometheus
• Demonstrated Eexperience in developing integration APIs and webservices (REST/SOAP), API Development Experience, Knowledge of API Security
• Demonstrated experience with IAM Solutions: AWS Cognito, PingFederate, WSO2, Azure AD, VDS, SailPoint, CyberArk
• Demonstrated experience with authentication and authorization paradigms - SAML2/OIDC, LDAP, Kerberos
• Demonstrated experience with secure software development practices - AppSec - Security and/or regulatory experience desired, OWASP 10 and Web Application Security
• Experience with Threat modeling, risk assessment techniques, code reviews, and with the latest security best practices
• Demonstrated experience with automated security tools for SAST, SCA, DAST, IAST governance and scanning
• Experience with cloud-based security management/IDS/IPS/SIEM tools, such as Splunk, Dome9, AlienVault, AlertLogic, Fortinet, Threat Stack, etc.
• Life-long learner - always looking to stay up to date with latest attack vectors, vulnerabilities, remediation, and protection paradigms, etc.

Professional Certification(s):AWS Certification and/or Microsoft Azure Certifications

Formal Education:Bachelor's Degree, Computer Science, Math, Engineering or equivalent

Years of Professional Experience:10+ years of Senior Development Manager experience5+ years of experience in DevSecOps

Desired Skills & Experience

• DoD Secret level clearance
• ITIL and Change Management
• Experience in SAFe Agile programs and methodology
• Prior consulting and client management experience

Professional Certification(s):PMP, Agile/Scrum certifications

• PMI Agile Certified Practitioner (PMI-ACP)
• APMG International Agile Project Management (AgilePM)
• Scrum Alliance Certified Product Owner (CPO)
• Scrum Alliance Certified Enterprise Coach (CEC)
• org Professional Scrum Master (PSM)
• SAFe Scaled Agilist (SA) or similar
• DAC Certified Disciplined Agilist (CDA)

Formal Education:Masters

Years of Professional Experience:15+ years

Required Technical/Business Tools Experience

• AWS/Azure Cloud
• Kubernetes
• Keycloak

Physical Requirements

• Ability to perform work on a computer in a largely telework environment

Additional Information:U.S Citizenship is required for this specific opportunity and all selected applicants will be subject to a government security investigation. This includes but not limited to; meeting the eligibility requirements for access to classified information and the ability to obtain a government-granted security clearance. Individuals may also be subject to a background investigation including, but not limited to; criminal history, employment verification, education verification, drug testing, and creditworthiness.Favor TechConsulting is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, marital status, disability, veteran status, sexual orientation, or genetic information.

Vacancy expired!