DevOps Engineer

A leading consulting firm seeks a skilled Software Security Integration Engineer to join its Innovation and Technology group, supporting government clients. This role focuses on embedding security throughout the software development lifecycle, ensuring the delivery of robust and dependable applications. The ideal candidate possesses a solid understanding of development, security, and operations, and is passionate about automating workflows for enhanced efficiency and security.

Responsibilities:

• Collaborate with teams to architect, build, and maintain secure and scalable pipelines, integrating continuous integration, continuous delivery, and security practices.
• Automate the deployment, configuration, and monitoring of infrastructure and applications.
• Implement and enforce security controls and best practices across the software development lifecycle.
• Perform security assessments, vulnerability scans, and penetration tests.
• Ensure adherence to industry security and privacy standards.
• Integrate security tools and practices, such as static and dynamic analysis, and container security, into the CI/CD pipeline.
• Monitor and respond to security incidents, collaborating with teams for timely resolution.
• Provide security expertise to development and operations teams.
• Stay informed about emerging security threats and recommend solutions.
• Collaborate with development teams to integrate security into application design.
• Participate in code reviews, identify security flaws, and suggest fixes.
• Document processes and best practices.

Qualifications:

• Minimum four years of experience in a DevSecOps, Security Engineering, or related role.
• Experience with Node.js and package managers.
• Background in DevSecOps, CI/CD, application modernization, and/or cloud-native development.
• Strong understanding of DevOps principles and software development methodologies.
• Familiarity with cloud platforms (e.g., AWS, Azure, GCP) and IaC tools (e.g., Terraform, CloudFormation).
• Experience with containerization technologies (e.g., Docker, Kubernetes).
• Proficiency in scripting languages (e.g., Python, PowerShell, Bash).
• Knowledge of security frameworks and standards (e.g., NIST, CIS, OWASP).
• Experience with security tools (e.g., vulnerability scanners, intrusion detection systems).
• Strong problem-solving and analytical skills.
• Excellent communication skills.

Preferred Qualifications:

• Relevant certifications (e.g., Certified DevSecOps Engineer, CISSP).
• Advanced degree in a related field.

Compensation:

The annual salary range for this position is $98,000 - $163,000. Actual compensation will be determined based on various factors, including skills, experience, certifications, and business needs.

Benefits:

The company offers a comprehensive benefits package, including health insurance, paid time off, retirement plan, and professional development opportunities. A full list of benefits will be provided to qualified candidates.