Simplify Logo

Full-Time

Devsecops Engineer

Posted on 6/23/2024

MetroStar

MetroStar

201-500 employees

Provides digital services for public sector

Consulting
Government & Public Sector

Senior

Odenton, MD, USA

Category
DevOps & Infrastructure
Site Reliability Engineering
Cloud Engineering
DevOps Engineering
Required Skills
Bash
Kubernetes
Microsoft Azure
Python
Git
Docker
AWS
Jenkins
Terraform
Ansible
Development Operations (DevOps)
Google Cloud Platform
Requirements
  • Active TS/SCI Clearance with CI poly
  • At least 6 years of experience as a DevSecOps Engineer or similar role
  • Experience building DevSecOps solutions at scale across multiple classification domains (IL5 to IL6+) simultaneously
  • Strong understanding of DevOps practices, CI/CD pipelines, and automation tools (e.g., Jenkins, GitLab CI/CD, Artifactory, SonarQube, Selenium)
  • Experience with infrastructure as code (IaC) tools such as Terraform, CloudFormation, or Ansible
  • Familiarity with cloud platforms (e.g., AWS, Azure, GCP) and securing cloud-based applications and services
  • Solid understanding of containerization and orchestration technologies (e.g., Docker, Kubernetes, OpenShift, EKS) and securing containerized applications
  • Hands-on experience with security tools for static code analysis, dynamic application security testing (DAST), and vulnerability scanning, using tools such as Fortify, Acunetix, and Prisma Cloud
  • Proficiency in scripting languages (e.g., Python, Bash) for automation and tool integration
  • Knowledge of security best practices, common vulnerabilities, and exposure to security frameworks (e.g., OWASP, NIST)
  • Strong problem-solving skills and the ability to work effectively in a fast-paced, collaborative environment
  • Excellent communication skills, both written and verbal, with the ability to convey complex security concepts to technical and non-technical stakeholders
Responsibilities
  • Collaborate with development, operations, and security teams to integrate security practices into the software development lifecycle
  • Design, implement, and maintain CI/CD pipelines that incorporate automated security testing, vulnerability scanning, and compliance checks
  • Develop and maintain infrastructure as code (IaC) templates and configurations, ensuring security best practices are applied to cloud resources and infrastructure components
  • Perform regular security assessments, code reviews, and penetration testing to identify and address vulnerabilities and weaknesses in applications, code, and infrastructure
  • Monitor and analyze system and application logs to detect and respond to security incidents
  • Implement and manage identity and access management (IAM) solutions, ensuring appropriate authentication and authorization mechanisms are in place
  • Collaborate with software engineers to provide guidance on secure coding practices and assist in remediation of security findings
  • Participate in incident response activities, helping to investigate and mitigate security incidents in a timely manner
  • Contribute to the development and maintenance of security policies, procedures, and documentation

MetroStar specializes in digital services and management consulting for the public sector, leveraging Human-Centered Design, Artificial Intelligence, DevSecOps, Cloud, Cybersecurity, and Enterprise IT to accelerate government innovation through user-centric capabilities. Their technologies include a powerful ML platform and a DevSecOps solution tailored to the needs of federal agencies, enabling faster, tailored results for every mission.

Company Stage

N/A

Total Funding

$4.4M

Headquarters

Reston, Virginia

Founded

1999

Growth & Insights
Headcount

6 month growth

2%

1 year growth

16%

2 year growth

43%
INACTIVE