Title:DevSecOps Engineer
KBR is seeking a highly motivated Development Security Operations Engineer (DevSecOps) to join our team. The successful candidate will incorporate a range of software and analytical tools to support execution of workflows supporting Commercial Cloud Services (C2S). The candidate will develop methods to incorporate large intelligence collection data that supports collection assessments and analysis. Candidate will work as part of an integrated team in direct support of the US Government customer, FFRDC and other SETA team members in a professional work environment.
Responsibilities:
- Implement and automate cloud-based security controls, governance processes and compliance validation. Supports application accreditation with requisite design and documentation.
- Designs, manages, and maintains a stable and efficient infrastructure to optimize service delivery across production, test and development environments in the cloud throughout the development lifecycle.
- Designs, builds and maintains a stable and efficient infrastructure to optimize service delivery across production, test and development environments in the cloud throughout the development lifecycle.
- Implement security scanning and vulnerability management processes.
- Manage and optimize GitHub repositories and workflows.
- Collaborate with software development and operations teams to integrate security practices.
- Troubleshoot and resolve issues related to pipeline automation and security.
- Ensure compliance with security policies and procedures.
Minimum Qualifications:
- Bachelor's degree
- 6-10 years of DevSecOps experience
- Technical skills, knowledge and experience to accomplish work with minimal oversight
- Demonstrated ability to effectively communicate verbally and in writing
- Clearly and concisely express multifaceted concepts
- Develop ideas in a logical sequence leading to a validated conclusion
- Knowledge/experience of deployment/configuration management tools like Jenkins, Maven, Puppet, or Ansible
- Utilize version control tools like GIT, Bitbucket, SVN or CVS
- Experience with network infrastructure, database, cloud and data center operations, and security protocols.
- Strong knowledge of Linux and Windows OS
- Familiar with AWS and other cloud services
- Experience with programming and scripting languages like Python, Peri, Bash, PHO, Java, Angular, SQL, Postgress, C++, or C#
- Strong knowledge of security scanning tools and practices.
- Excellent problem-solving and troubleshooting skills.
- Strong communication and collaboration abilities.
Desired Qualifications:
- Master's of Science degree
- Experience with end-to-end components of software tools
- Experience packaging for Windows Server and Linux distributions including automating software template generation, configuring environments and tools, and packaging for installation
- Experience designing and deploying frameworks with IT automation tools
- Experience with security frameworks and Risk Management Framework (RMF) process
- Experience with DoD Authority to Operate (ATO) processes
- 8570 IAT II compliant certification such as Security+
- Certified Information Systems Security Professional (CISSP)
- Experience with collection management and data flows
- Relevant certifications (e.g., AWS Certified DevOps Engineer, Certified Kubernetes Administrator).
- Knowledge of compliance frameworks and security standards.
Security Requirements: Must have an active TS-SCI with a current Poly
KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.