What are the responsibilities and job description for the Cybersecurity DevSecOps Engineer position at SAIC?
Job Details
Job ID: 2500732
Location: ARLINGTON, VA, US
Date Posted: 2025-01-17
Category: Cyber
Subcategory: Cyber Engineer
Schedule: Full-time
Shift: Day Job
Travel: Yes, 10 % of the Time
Minimum Clearance Required: Top Secret
Clearance Level Must Be Able to Obtain: None
Potential for Remote Work: No
Description
SAIC is seeking a CyberSecurity DevSecOps Engineer to join our team and support the Department of the Air Force's (DAF) Cloud-Based Command and Control (CBC2) Product Support Team. The successful candidate will leverage their expertise in a variety of programming languages, frameworks, and technologies to perform compliance verification and validation across multiple applications.
Key Responsibilities
Conduct comprehensive risk and vulnerability assessments at the network, system, and application levels.
Perform NIST software compliance verification and validation for multiple government and contractor-based applications.
Review and analyze application source code developed in multiple languages.
Participate in cross-functional team diagnosis of problems to identify root cause when one or more layers of a technology stack may be involved especially in production environments.
Conduct DevSecOps operations to manage 50 GitLab CI/CD pipelines, including monitoring multiple tools and JIRA help desk queues.
Read and interpret dataflow, network, and other developmental diagrams effectively.
Research, evaluate, and recommend new security tools, techniques, and technologies, and introduce them to the enterprise in alignment with IT security strategy.
Assist in the implementation of the required government policy (e.g., NISPOM, DCID 6/3), and make recommendations on process tailoring. Perform analyses to validate established security requirements and recommend additional security requirements and safeguards.
Write and utilize documentation.
Communicate effectively with multiple stakeholders, including Government and Contractor teams, using tools such as Email, Mattermost, Slack, MS Teams, and Zoom.
Qualifications
Required Skills/Experience:
In-depth knowledge of at least one programming languages (eg Java, Python, TypeScript, C , etc.), frameworks (React, Angular, Spring, Django, Flask, etc.), design patterns, and technologies.
Familiarity with CI/CD pipelines, build tools (NPM, Maven, etc.), SCA tools (SonarQube, Fortify, etc.), Docker image creation, and Kubernetes container deployments.
IAT Level II Certification or higher required (e.g., CompTIA Security ).
Bachelor's Degree and 9 years of experience.
Basic knowledge of the Risk Management Framework (RMF) for Governmental Organizations.
Current Top Secret Clearance.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Location: ARLINGTON, VA, US
Date Posted: 2025-01-17
Category: Cyber
Subcategory: Cyber Engineer
Schedule: Full-time
Shift: Day Job
Travel: Yes, 10 % of the Time
Minimum Clearance Required: Top Secret
Clearance Level Must Be Able to Obtain: None
Potential for Remote Work: No
Description
SAIC is seeking a CyberSecurity DevSecOps Engineer to join our team and support the Department of the Air Force's (DAF) Cloud-Based Command and Control (CBC2) Product Support Team. The successful candidate will leverage their expertise in a variety of programming languages, frameworks, and technologies to perform compliance verification and validation across multiple applications.
Key Responsibilities
Conduct comprehensive risk and vulnerability assessments at the network, system, and application levels.
Perform NIST software compliance verification and validation for multiple government and contractor-based applications.
Review and analyze application source code developed in multiple languages.
Participate in cross-functional team diagnosis of problems to identify root cause when one or more layers of a technology stack may be involved especially in production environments.
Conduct DevSecOps operations to manage 50 GitLab CI/CD pipelines, including monitoring multiple tools and JIRA help desk queues.
Read and interpret dataflow, network, and other developmental diagrams effectively.
Research, evaluate, and recommend new security tools, techniques, and technologies, and introduce them to the enterprise in alignment with IT security strategy.
Assist in the implementation of the required government policy (e.g., NISPOM, DCID 6/3), and make recommendations on process tailoring. Perform analyses to validate established security requirements and recommend additional security requirements and safeguards.
Write and utilize documentation.
Communicate effectively with multiple stakeholders, including Government and Contractor teams, using tools such as Email, Mattermost, Slack, MS Teams, and Zoom.
Qualifications
Required Skills/Experience:
In-depth knowledge of at least one programming languages (eg Java, Python, TypeScript, C , etc.), frameworks (React, Angular, Spring, Django, Flask, etc.), design patterns, and technologies.
Familiarity with CI/CD pipelines, build tools (NPM, Maven, etc.), SCA tools (SonarQube, Fortify, etc.), Docker image creation, and Kubernetes container deployments.
IAT Level II Certification or higher required (e.g., CompTIA Security ).
Bachelor's Degree and 9 years of experience.
Basic knowledge of the Risk Management Framework (RMF) for Governmental Organizations.
Current Top Secret Clearance.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
