Senior DevSecOps Engineer

Overview

CVP is seeking a hands on Senior DevSecOps Engineer to join our growing enterprise cybersecurity team. As a DevSecOps Engineer on this team, you will be responsible for integrating security through the entire software development lifecycle. 

Responsibilities

• Configuration and build of Kubernetes clusters (EKS) implementing security best practices.
• Creating CI/CD pipelines for application builds, and security use cases leveraging gitlab CI.
• Gitops process builds leveraging Flux CD, creating security configurations for application and improvements to currents designs.
• Administering and improving the Security pipeline for SAST, DAST, Vulnerability, and compliance checks and overall strategy of deployment.
• Assist with configuration and design of APP Mesh and micro-service design from a security perspective.
• Containerize security tools.
• Develop Terraform modules for security needs, to include Kubernetes cluster builds (EKS) and general aws resources.
• A part of Agile development teams, deliver an end-to-end automation of deployment, monitoring, and infrastructure management in a cloud environment.
• Build and configure delivery environments supporting CD/CI tools using an Agile delivery methodology.
• Create scripts and/or templates to automate and/or bootstrap infrastructure provisioning and management tasks.
• Work closely with our development team to create an automated continuous integration (CI) and continuous delivery (CD) system.
• Work together with vendors and other IT personnel for problem resolution.
• Monitor and support all installed systems and infrastructure.
• Develop custom scripts to increase system efficiency and lower the human intervention time on any tasks.
• Contribute to the design of information and operational support system.
• Evaluate application performance, identify potential bottlenecks, develop solutions, and implement them with the help of developers.

Qualifications

• Must possess or be able to obtain a federal background investigation of Tier 4 Critical High-Risk Public Trust (Form SF 85P) government security clearance. U.S. Citizenship required.
• Bachelor's degree in business, information technology, or related field of study; 
• Minimum 10 years of experience in IT Industry.
• At start date, must possess a professional DevOps or Cloud certification.
• Zero Trust.
• Experience with Gitlab CI and creating templates and multi-stage pipelines.
• Experience with Kubernetes best practices and App Mesh (Istio).
• Experience with creating organizational golden images and implementing security and hardening needs.
• Experience with OPA and Kubescan for compliance and hardening.
• Experience with Terraform and creating modules.
• Experience with Prometheus for monitoring and writing scrape jobs to ingest security appropriate metrics.
• Experience with GitOPS especially Flux and its best practices to improve processes and delivery.
• Experience with fully automating CI/CD pipelines end-to-end, from code commits to production
• Demonstrated experience with secure development, coding, engineering practices;
• Strong scripting skills, including shell scripts, Perl, Ruby, Python, Go, Groovy, Helm, etc.
• Excellent knowledge of networking technologies, particularly with OSI network layers and TCP/IP.
• Experience deploying and monitoring web applications in AWS.
• Security first mindset.
• Experience with Infrastructure as Code and infrastructure testing strategies.
• Experience with systems reliability, load balancing, monitoring, logging.
• Effective verbal and non-verbal communication with peers and clients.
• Knowledge of NIST Cybersecurity and Risk Management frameworks and associated requirements.
• Risk management processes (e.g., methods for assessing and mitigating risk).
• Cybersecurity/privacy principles and cyber threats and vulnerabilities.

Desired Skills

• AWS Certified Architect.  
• Pen Testing experience.
• Cyber program analysis.
• Cyber development, engineering and architecture.
• Splunk Engineer.
• Crafting and authoring cyber policy.
• Cyber Risk Management.
• DevSecOps Engineers.
• Linux Engineer.

About CVP

Here at CVP we value our Veterans and encourage all to apply!

Customer Value Partners (CVP) is an award-winning business and next-gen technology consulting company that helps organizations navigate disruption and prepare for a culture of Continuous Change. We solve critical problems for healthcare, national security, and public sector clients through innovative strategies and solutions which leverage technologies and industry expertise in areas including Technology Modernization, Health, Data Science & Engineering, Business Transformation, and Cybersecurity. CVP delivers unparalleled excellence to clients and employees through our strong culture of integrity, engagement, respect, and a passion for our clients’ missions.

Customer Value Partners, Inc. is a VEVRAA Federal Contractor and an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status, or disability. Customer Value Partners seeks to provide employment opportunities for protected veterans and individuals with disabilities.