Summary: The DevSecOps Engineer applies knowledge and skills in IT operations management, security architectures, cybersecurity, and risk assessment techniques to ensure the client's network and IT infrastructure are free from security holes. The DevSecOps Engineer is responsible for scaling our DevSecOps culture and technical capabilities. In aligning with SAFe, the DevSecOps Engineer will represent a System Team approach and be responsible for development and maintenance of the toolchain that supports the CI/CD Pipeline. The DevSecOps Engineer will implement Liberty's DevSecOps Maturity Assessment Model, collaborate with the "Big Six" and Infrastructure Operations (IO) to overcome deployment bottlenecks, and accelerate delivery across PTs with our Software Factory. The DevSecOps Engineer will also support security activities to include Assessment and Authorization. The DevSecOps Engineer will create Process Efficiencies for: Consolidating DevSecOps requirements to generate PL efficiencies; understanding future state DevSecOps requirements; providing shared technologies to implement system integration. Remote work allowed. Required Education: Bachelor's Degree: computer science, electronics engineering or other engineering or technical discipline is required. Master's preferred. Required Years of Experience: 8 years, or 10 years of additional relevant experience may be substituted for education Responsibilities: Design and develop IT architecture. Create diagrams and documentation with all components that comprise IT systems including network topology. Conduct technical requirements analysis Create software development plans, strategies and architectures that are secure and scalable Expert-level professional and requires a high level of information assurance and security experience across disparate systems in the enterprise. Possesses specific systems engineering knowledge and experience in one or more areas including current security technologies such as Public Key Infrastructure (PKI), Key Management (KM), Key Root Management (KRM) and Virtual Private Networks (VPN), but also emerging technologies such as but not limited to Identity Management (IdM), Privilege Management (PrM), Digital Policy Management, IA Metadata, Crypto Key Management, Credential Management and Attribute Management. Able to independently accomplish complex requirements across systems of varying maturity and hardened states. Performs requirements analysis to determine security needs for complex software, systems, components, and networks. Designs software tools and subsystems to support integration of security products into a secure IT enterprise environment. Interface with client to determine present and future secure network needs and designs complex network architecture to meet requirements. Designs and implements test and evaluation processes for security and resolves complex integrity issues. Provides guidance to less experienced secure systems/software engineers. Performs complex assignment with little guidance. Has latitude in completing broad objectives. Minimum Qualifications: VA or other Federal Government experience required. Extensive experience in the design and development of Client Server and Web Enabled Corporate applications including network topology. Well versed in Object Oriented tools and techniques. Thorough knowledge of data modeling skills using automated tools. Experience in creating and conveying to team members the architectural vision for a program or project. Experience in establishing and enforcing standards and practices. Experience overseeing the development team, he manages the full life cycle of the software development process. Extensive software development experience and thorough knowledge of a variety of programming languages and logic. Knowledge of software development and user interface web applications Familiarity with Agile frameworks and regression testing is a plus Familiarity with design/architectural patterns (e.g. Model-View-Controller (MVC)) Familiarity with architecture styles/APIs (REST, RPC) Excellent analytical and organization skills An ability to understand front-end users' requirements and a problem-solving attitude Excellent verbal and written communication skills International Information System Security Certification Consortium (ISC)2 (Certified Information System Security Professional) AWS Solutions Architect (Associate) or Developer (Associate).OR MAG Azure Solutions Architect (Associate) or Azure Developer (Associate) 3 or more years experience in translating NIST SP 800-53 security controls into actionable application security mechanisms 1 or more years experience in overseeing implementation of cybersecurity within the CI/CD pipeline Ability to obtain a clearance with the U.S. Government Preferred Qualifications: CMMI Maturity Level 3, ISO 9001:2015 or 9001:2001, and ITIL experience a plus Has high standards, results oriented, and a commitment to delivering high quality software on time
S:GPSMALLA-CLZFL