Senior DevSecOps Engineer

As a Senior DevSecOps Engineer at the Department of Defense Cyber Crime Center (DC3), you will play a crucial role in safeguarding our nation's digital landscape while shaping our DevSecOps strategy and leveraging cutting-edge technologies to enhance our cybersecurity capabilities.

Your responsibilities will encompass a wide range of key areas, including evaluating and configuring security infrastructure systems globally, conducting internal audits to improve system integrity, and establishing frameworks for measuring and quantifying cyber risk. You will work closely with the Information System Security Officer (ISSO) to strengthen security policies and coordinate the maintenance of security toolsets for continuous monitoring. Furthermore, you will be tasked with managing enterprise applications, implementing security controls, and defining standards for builds and deployments to ensure compliance with security policies. As part of Agile development teams, you will automate deployment and infrastructure management, all while monitoring and analyzing cyber events to enhance system efficiency. Your role will also involve system management, troubleshooting security issues, conducting vulnerability assessments, and ensuring compliance with established standards, which are vital for maintaining security integrity and supporting incident response efforts.

Additional Key Responsibilities:

Risk Assessment and Analysis: Conduct comprehensive system security and vulnerability analyses to evaluate potential cyber risks, providing actionable insights and recommendations for mitigating identified threats.
• Security System Implementation: Implement security systems by specifying intrusion detection methodologies and overseeing the installation and calibration of necessary equipment and software. Prepare preventive and reactive measures to counteract potential security threats.
• Security Standards Verification: Maintain security by consistently monitoring and ensuring adherence to established standards, policies, and procedures. Develop and conduct incident response analyses to improve the organization's security posture.
• Framework Establishment: Establish robust frameworks that facilitate the ongoing measurement and quantification of cyber risk within the organization, ensuring transparency and informed decision-making.
• Training and Awareness Programs: Develop and conduct training programs aimed at enhancing the cybersecurity awareness of staff members and stakeholders, empowering them to recognize and respond to cyber threats effectively.
• Design and Integration of IA Architectures: Design, develop, implement, and integrate Information Assurance (IA) architectures and systems or system components for use within computing, network, and enclave environments, ensuring that both operational and development systems are secure and functional.

Required Qualifications:

Education and Experience:

• Minimum of 12 years with BS/BA; Minimum of 10 years with MS/MA; Minimum of 7 years with Ph.D. Additional 4 years of experience allowed in lieu of BS/BA degree.

Cloud Experience:

• Minimum 2-3 years of experience working with cloud platforms (AWS and/or Azure).

DevOps/DevSecOps Leadership:

• Proven experience leading DevOps/DevSecOps implementations in large programs, particularly in migrating legacy applications and automating systems to enhance software lifecycle management.

Technical Expertise:

• In-depth knowledge of DevSecOps techniques, including continuous integration, continuous testing, and continuous deployment methodologies.
• Familiarity with intrusion detection methodologies and security systems implementation, including the preparation of preventive and reactive measures.

Security Management:

• Conduct regular security scans, analyze results, and implement resolutions. Test new hardware and software to ensure compliance with DISA STIGs.
• Provide technical support and complete documentation to ensure clear communication of security strategies and measures.

Documentation:

• Create, maintain, and implement detailed documentation and standard operating procedures.

Operating Systems:

• Familiarity with multiple operating systems (Windows, Linux, etc.) and at least one Relational Database Management System (RDBMS) (Oracle, MySQL, PostgreSQL, SQL Server, etc.).

Strategic Thinking:

• Ability to think strategically and to work both independently and collaboratively within a small team.

Clearance: Active Secret clearance (TS/SCI clearance preferred)

Desired Qualifications:

Network Design and Deployment:

• 5+ years of experience with large-scale network design and deployment.

Tools and Technologies:

• Experience with CloudFormation and Elasticsearch.
• Basic understanding of an Object-Oriented Programming Language, preferably Java or Python.
• Experience integrating Jenkins and Docker for automated CI/CD pipelines.
• Basic understanding of Kubernetes or OpenShift Container Platform.

Certifications:

• Global Skill Development Council - Certified DevOps Engineer or a similar certification.

Agile and DevSecOps Implementation:

• Experience implementing DevSecOps for large programs using Agile methodologies, preferably SAFe.
• Experience in managing DevSecOps for cloud-based systems within modernization programs to meet legacy requirements.

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.