Obsidian Global

Sr. DevOps Security Engineer

Devops in Alexandria, VA

Posted 2019-06-12
Description

MUST HAVE ACTIVE SECRET CLEARANCE

DESCRIPTION:
Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) Support Services is a US Government program responsible to monitor, detect, analyze, mitigate, and respond to cyber threats and adversarial activity on the DHS Enterprise. The DHS SOC has primary responsibility for monitoring and responding to security events and incidents detected at the Trusted Internet Connection (TIC) and Policy Enforcement Point (PEP) and is responsible for directing and coordinating detection and response activities performed by each Component SOC. Direction and coordination are achieved through a new shared DHS incident tracking system and other means of coordination and communication.

RESPONSIBILITIES:
The Sec/DevOps engineer will assist with gathering requirements, design, codify, integrate and implement secure solutions that support business functionality as well as the underlying infrastructure required to run and deploy those solutions.
Apply secure development/coding to include; but not limited to, cloud technology, internet servers, application whitelisting, virtualized containers, web-enabled database applications, network security, security engineering, data integrity, intrusion detection, firewall management, forensic and legal information security, virtual private networks, public key/infrastructure/digital signatures, encryption, network security architecture and DHS Policy.
Champion security by injecting security concerns into the existing development workflow; build security thinking into every stage of software development.
Coordinate with teams across the enterprise on the migration of existing IT services to the cloud; identify security technical requirements, potential problems and issues, and participate on agile software development teams.
Support SOC capabilities by customizing tools and automating processes for SOC and IR analysts

BASIC QUALIFICATIONS:
Must have an active Secret Level Clearance.
The candidate must possess the technical skills and experiences with Cloud Service (AWS, Azure, etc.), continuous delivery systems and enhancing SOC operations through automation. The ideal candidate will also have experience leading and mentoring junior members.
Previous professional experience with performing integrated quality assurance testing for security functionality and resiliency to attacks.
Previous professional experience with secure programming and identify potential flaws in codes to mitigate vulnerabilities.
Applies coding and testing standards, security testing tools (including ‘fuzzing’ static-analysis code scanning tools), Identify common coding flaws, threat modeling, and conducts code reviews.
Perform or support penetration testing as required for new or updated applications.
Recognize security implications in the software/code acceptance phase, including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing.
Participate in network and system design to ensure implementation of appropriate systems security policies, designs and implement systems security and data assurance.
Take an approach of; plan, code, build, test, release, deploy and monitor when writing software to automate CBP SOC security tasks
Knowledge of Source Code Management concepts (code lines, branching, merging, integration, versioning, etc.)
Excellent problem solving, analytical skills and technical troubleshooting skills
Ability to work with customers/stakeholders, developers, testers, project managers, support staff
Experience acquiring in-depth understanding of large complex software systems to isolate defects, reproduce defects, assess risk and understand varied customer deployment
Advanced working knowledge of the following:
encryption algorithms, secure communications, network and data communication protocols.
familiar with standard concepts, practices, and procedures within a particular field such as NIST, FISMA and Common Criteria regulations and standards.
Solid Programming skills in the following programing and markup languages:
Java, .Net, Python, Visual Basic, Powershell, Bash, C++, Javascript, html, CSS
REQUIRED EDUCATION/EXPERIENCE:
BS degree Science, Technology, Engineering, Math or related field and 7+ years of prior relevant software engineering or devops experience. Familiarity with software development life cycle models and agile programming methodologies

PREFERRED QUALIFICATIONS:
AWS Solutions Architect, DevOps Certs, RHCE
Orchestration of Cloud infrastructure (Infrastructure as Code)
Advance Degree in Computer Science or Computer Engineering

Must Have One of the Following Certifications:
CompTIA Advanced Security Practitioner (CASP)
GCIH – Incident Handler
GCWN – Windows Security Administrator
GISF – Security Fundamentals
GSSP – Secure Software Programmer
GICSP –Cyber Security Professional
GSSP – Secure Software Programmer
SEI (Software Engineering Institute)
CCSP – Certified Cloud Security Professional
CISSP – Certified Information Systems Security
CSSLP – Certified Secure Software Lifecycle Professional
SSCP – Systems Security Certified Practitioner
CCNP
CCNP Security
CCIE Security
CEH – Certified Ethical Hacker
ENSA – EC-Council Network Security Administrator
ECSP – EC-Council Certified Secure Programmer
MCSE – Microsoft Certified Solutions Expert (Server)
RHCA
RHCE
VCA (Certified Associate)
VCP (Certified Professional)
VCAP (Certified Advanced Professional)
VCIX (Implementation Expert)
VCDX (Certified Design Expert)
Converged Infrastructure Specialist
Certified Implementation Engineer Specialist
Certified Data Administrator Professional
Certified Storage Associate
Certified Splunk Architect

Obsidian Global, LLC is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

Ready to be Seen?

Apply now to have the opportunity to be considered for similar jobs at leading companies in the Seen network for FREE.

Company summary

Obsidian Global is a small federal IT Services firm experienced at developing solutions for government clients. We are headquartered in Washington, DC with offices in Bethesda and Colorado. We have 120+ employees nationwide and are ISO and CMMI certified.

Perks

In addition to traditional small business healthcare benefits and 401K, we offer an online training platform to increase your skills and certifications for growth. We believe in personal development and good work/life balance. We host happy hours, sporting events, and holiday parties throughout the year. We also partner with event sites, gyms, and other perks to pass along corporate savings to our employees.

Interview process

Most candidates go through an initial phone screening with the recruiter, then either a phone interview or in-person interview followed by an offer.

Be Seen in a new Devops job

Skip the search

Zero stress and one profile that can connect you directly to 1000s of companies.

Best-fit jobs—for you

We’ll take it from there. After you tell us what you’re looking for, we’ll show you off to matches.

Free Career Coaching

Boost your interview skills, map your tech career and seal the deal with 1:1 career coaching.

You get tech. We get you.

Join now and Be Seen.