Title:
DevSecOps EngineerKBR is seeking a highly motivated Development Security Operations Engineer (DevSecOps) to join our team. The successful candidate will incorporate a range of software and analytical tools to support execution of workflows supporting Commercial Cloud Services (C2S). The candidate will develop methods to incorporate large intelligence collection data that supports collection assessments and analysis. Candidate will work as part of an integrated team in direct support of the US Government customer, FFRDC and other SETA team members in a professional work environment.
Responsibilities:
Implement and automate cloud-based security controls, governance processes and compliance validation. Supports application accreditation with requisite design and documentation.Designs, manages, and maintains a stable and efficient infrastructure to optimize service delivery across production, test and development environments in the cloud throughout the development lifecycle.Designs, builds and maintains a stable and efficient infrastructure to optimize service delivery across production, test and development environments in the cloud throughout the development lifecycle.Implement security scanning and vulnerability management processes.Manage and optimize GitHub repositories and workflows.Collaborate with software development and operations teams to integrate security practices.Troubleshoot and resolve issues related to pipeline automation and security.Ensure compliance with security policies and procedures.Minimum Qualifications:
Bachelor’s degree3-5 years of DevSecOps experienceTechnical skills, knowledge and experience to accomplish work with minimal oversightDemonstrated ability to effectively communicate verbally and in writingClearly and concisely express multifaceted conceptsDevelop ideas in a logical sequence leading to a validated conclusionKnowledge/experience of deployment/configuration management tools like Jenkins, Maven, Puppet, or AnsibleUtilize version control tools like GIT, Bitbucket, SVN or CVSExperience with network infrastructure, database, cloud and data center operations, and security protocols.Strong knowledge of Linux and Windows OSFamiliar with AWS and other cloud servicesExperience with programming and scripting languages like Python, Peri, Bash, PHO, Java, Angular, SQL, Postgress, C++, or C#Strong knowledge of security scanning tools and practices.Excellent problem-solving and troubleshooting skills.Strong communication and collaboration abilities.Desired Qualifications:
Master’s of Science degreeExperience with end-to-end components of software toolsExperience packaging for Windows Server and Linux distributions including automating software template generation, configuring environments and tools, and packaging for installationExperience designing and deploying frameworks with IT automation toolsExperience with security frameworks and Risk Management Framework (RMF) processExperience with DoD Authority to Operate (ATO) processes8570 IAT II compliant certification such as Security+Certified Information Systems Security Professional (CISSP)Experience with collection management and data flowsRelevant certifications (e.g., AWS Certified DevOps Engineer, Certified Kubernetes Administrator).Knowledge of compliance frameworks and security standards.Security Requirements: Must have an active TS-SCI with a current Poly
KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.