DevSecops ENGINEER Hyattsville, MD (2X per week onsite) LONG TERM CONTRACT
MUST BE ABLE TO TAKE SECURITY CLEARANCE What you will do: Support design, implementation, and maintenance of security controls and processes across the SDLC, including code scanning, vulnerability assessment, and security testing. Create, develop, and implement automation and system integration for various build platforms. Create plug-and-play/reusable solutions and patterns for CICD pipelines, and build or maintain CICD building blocks and shared libraries proactively for development and deployment efficiency Publish and disseminate DevSecOps best practices, patterns, and solutions Monitor and respond to security incidents, conducting root cause analysis and implementing corrective actions to prevent future occurrences. Design action plans to address CICD platform/tools/solutions shortcomings and difficulties Working closely with Cloud Infrastructure and Security teams to ensure organizational best practices are followed Perform performance analysis and optimization, monitoring and problem resolution, upgrade planning and execution, and process creation and documentation. Align with technological Systems/Software Development Life Cycle (SDLC) processes and industry-standard service management principles (such as ITIL) Can function in project leadership roles and represent Vidoori as the prime customer contact on significant technical mattersExperience: Ten (10) years in engineering, computer science, or related field Five (5) years of hands-on experience supporting DevSecOps to build and automated software development processes. Extensive knowledge of institutionalizing Agile and DevSecOps toolkits not limited to but including: Ansible, Jenkins, GitLab, Artifactory, Jira, Terraform, Version Control Software, or comparable technologies. Familiarity with information security frameworks and standards (SAST, DAST, IAST, RASP) Familiarity with Threat modeling, Static Analysis Tools, and Risk Assessment Techniques Strong understanding of cloud computing platforms (e.g., AWS, Azure, Google Cloud Platform) and experience with cloud security best practices. Excellent communication and collaboration skills, with the ability to work effectively in a fast-paced, dynamic environment. Hands on source code management tools like Git.Technologies and Tools:Docker, Kubernetes, Terraform, Gitlab, Jenkins, PostgreSQL, AWS, Azure, NPM, JSON, JSON Schema, Markdown, RxJS, HTML, CSS, Git, GitHub, and Unix/Linux.