We are looking for a Sec/DevOps Engineer to join our team in Springfield, VA.
The Sec/DevOps engineer will gather requirements, design, codify, integrate and implement secure solutions that support business functionality as well as the underlying infrastructure required to run
and deploy those solutions.
Apply secure development/coding to include; but not limited to, cloud technology, internet servers, application whitelisting, virtualized containers, web-enabled database applications, network security, security engineering, data integrity, intrusion detection, firewall management, forensic and legal information security, virtual private networks, public key/infrastructure/digital signatures, encryption, network security architecture and DHS Policy.
Champion security by injecting security concerns into the existing development workflow; build security thinking into every stage of software development.
Coordinate with teams across the enterprise on the migration of existing IT services to the cloud; identify security technical requirements, potential problems and issues, and participate on agile software development teams.
Support SOC capabilities by customizing tools and automating processes for SOC and IR analysts
ACTIVE Secret Clearance
Must Have One of the Following J3 Certifications
Sr. Security Engineer:
CompTIA Advanced Security Practitioner (CASP)
GCIH – Incident Handler
GCWN – Windows Security Administrator
GISF – Security Fundamentals
GISP – Security Professional
GSSP – Secure Software Programmer
GICSP –Cyber Security Professional
GSSP – Secure Software Programmer
SEI (Software Engineering Institute)
CCSP – Certified Cloud Security Professional
CISSP – Certified Information Systems Security
CSSLP – Certified Secure Software Lifecycle Professional
SSCP – Systems Security Certified Practitioner
CEH – Certified Ethical Hacker
ECSP – EC-Council Certified Secure Programmer
MCSE – Microsoft Certified Solutions Expert (Server)
VCA (Certified Associate)
VCP (Certified Professional)
VCAP (Certified Advanced Professional)
VCIX (Implementation Expert)
VCDX (Certified Design Expert)
Converged Infrastructure Specialist
Certified Implementation Engineer Specialist
Certified Data Administrator Professional
Certified Storage Associate
Certified Splunk Architect
The candidate must possess the technical skills and experiences with Cloud Service (AWS, Azure, etc.), continuous delivery systems and enhancing SOC operations through automation. The ideal candidate will also have experience leading and mentoring junior members.
Previous professional experience with performing integrated quality assurance testing for security functionality and resiliency to attacks.
Previous professional experience with secure programming and identify potential flaws in codes to mitigate vulnerabilities.
Applies coding and testing standards, security testing tools (including ‘fuzzing’ static-analysis code scanning tools), Identify common coding flaws, threat modeling, and conducts code reviews.
Perform or support penetration testing as required for new or updated applications.
Recognize security implications in the software/code acceptance phase, including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing.
Participate in network and system design to ensure implementation of appropriate systems security policies, designs and implement systems security and data assurance.
Take an approach of; plan, code, build, test, release, deploy and monitor when writing software to automate CBP SOC security tasks
Knowledge of Source Code Management concepts (code lines, branching, merging, integration, versioning, etc.)
Excellent problem solving, analytical skills and technical troubleshooting skills
Ability to work with customers/stakeholders, developers, testers, project managers, support staff
Experience acquiring in-depth understanding of large complex software systems to isolate defects, reproduce defects, assess risk and understand varied customer deployment
Advanced working knowledge of the following:
encryption algorithms, secure communications, network and data communication protocols.
familiar with standard concepts, practices, and procedures within a particular field such as NIST, FISMA and Common Criteria regulations and standards.
Solid Programming skills in the following programing and markup languages:
BS degree Science, Technology, Engineering, Math or related field and 7+ years of prior relevant software engineering or devops experience. Familiarity with software development life cycle models and agile programming methodologies
SSi is an equal opportunity employer regardless of race, color, religion, creed, sex, marital status, national origin, disability, age, veteran status, on-the-job injury, sexual orientation, political affiliation or belief. Employment decisions are made without consideration of these or any other factors that employers are prohibited by law from considering. Any discriminatory action can be a cause for disciplinary action. SSi also prohibits discrimination against individuals with disabilities and will reasonably accommodate applicants with a disability, upon request, and will also ensure reasonable accommodation for employees with a disability. Veterans are encouraged to apply.