DevSecOps Engineer - Clearance Required

Overview:

LMI is looking for an expert DevSecOps Engineer with an active SECRET clearance or above and a minimum 10-years of experience to support transforming and modernizing how the United States Army delivers software.

This is a 100% remote role with quarterly travel for in person team planning and collaboration events.  

This position requires an active Secret clearance.

As a DevSecOps Engineer you will be responsible for the following:

Continuous Integration/Continuous Deployment (CI/CD):

• Design, implement, and manage CI/CD pipelines in Gitlab to ensure efficient and reliable software delivery.
• Integrate security tools and practices into CI/CD workflows to detect and mitigate risks early.
• Familiar with implementation of deployment strategies including blue/green, canary, and A/B testing.

Automation and Scripting:

• Develop and maintain automation scripts to streamline and enhance deployment processes.
• Advise on and implement configuration management tools for consistent environment setup.
• Develop and manage automated deployment and configuration of Kubernetes clusters.
• Support configuration of automated testing including functional, integration, end-to-end, resilience, and disaster recovery.

Security Integration:

• Implement security measures and controls within CI/CD pipelines.
• Develop and employ automated, regular, pre and post-deployment security assessments and vulnerability scans and testing.
• Ensure compliance with Army and Department of Defense (DoD) security standards and policies.
• Provide direct technical input into security remediation documentation.

Monitoring and Incident Response:

• Set up and maintain monitoring and logging solutions to detect and respond to incidents in real-time.
• Collaborate with security teams to investigate and remediate security incidents and breaches.

Collaboration and Communication:

• Work closely with development, operations, and security teams to ensure seamless integration of security practices.
• Provide training and guidance to team members on security best practices and DevSecOps methodologies.
• Directly coordinate with Government service and resource providers to implement technical solutions.

Infrastructure as Code (IaC):

• Utilize AWS specific IaC tools (i.e. CloudFormation, SAM, CDK) to manage and provision infrastructure.
• Ensure infrastructure is secure, scalable, and compliant with Army requirements.

Risk Management:

• Identify and address potential security risks and vulnerabilities throughout the development lifecycle.
• Implement risk mitigation strategies and conduct regular risk assessments.

Compliance and Documentation:

• Ensure all systems and applications comply with relevant regulations and standards (e.g., NIST, FISMA, RMF).
• Provide DevSecOps technical input to comprehensive documentation of security practices, procedures, and incident response plans.

Performance Optimization:

• Optimize performance and scalability of applications and infrastructure.
• Conduct performance testing and implement improvements as needed.

Research and Development:

• Stay current with emerging technologies and security trends.
• Monitor and adapt to rapidly changing Government technologies and security trends.
• Evaluate and integrate new tools and technologies to enhance the security posture of Army systems.

Disaster Recovery and Organization Continuity:

• Collaborate with System Architect and Product Management to develop and maintain disaster recovery plans and organization continuity strategies.
• Conduct regular drills and tests to ensure preparedness for potential disruptions.

Software Development Support:

• Assist in the design, development, and deployment of secure software solutions.
• Coordinate with lead developers to ensure security is considered throughout the software development lifecycle (SDLC).

MINIMUM REQUIREMENTS:

• Minimum of a SECRET security clearance
• Bachelor’s degree in Computer Science or related technical field
• DoD 8570 IAT Level II Certification (SEC+ or other)
• 10+ years’ experience as a DevSecOps or Platform Engineer
• Proven, demonstrated technology experience with enterprise CI/CD
• Familiarization with programming best practices
• Ability to debug, optimize code, and automate routine tasks
• Systematic problem-solving approach, coupled with effective communication skills and a sense of drive
• Understanding of Unix/Linux operating systems
• Demonstrated experience building continuous, automated build and deploy pipelines.
• Demonstrated experience in conditional procedure of build and deploy pipeline based on security scans of source and artifact.
• Capable of working with software development team and platform infrastructure team to provide meaningful guidance to both for code development and deployment.
• In-depth knowledge of version control of release artifacts to facilitate upgrade rollout and rollback.
• Strong understanding of containerization of web applications.
• Understanding and familiarity with container orchestration engines such as K8s (EKS, AKS, GKE, Kops, OpenShift)
• Demonstrated Experience with GitLab CI/CD.
• Experience with bash shell scripting.
• Experience with AWS CI/CD tools and services.
• Experience with Agile development methodologies and working with Agile teams.
• Ability to work in a highly collaborative team environment.

PREFERRED EXPERIENCE/SKILLS:

• Master’s degree in science, technology, engineering, mathematics, computer science, economics, or related technical discipline
• AWS GovCloud experience is highly preferred.
• SAFe certification and experience are a plus.
• Experience working in IL4 or equivalent secure environments.
• Experience with security requirements in a federal IT environment, including FedRAMP-certified providers and FISMA requirements for acquiring an ATO.
• Experience working in a consultant/client environment