Talent.com
AWS DevSecOps Engineer
AWS DevSecOps EngineerVITG • Ellicott City, MD, United States
AWS DevSecOps Engineer

AWS DevSecOps Engineer

VITG • Ellicott City, MD, United States
[job_card.variable_days_ago]
[job_preview.job_type]
  • [job_card.full_time]
[job_card.job_description]

Job Description :

VITG is seeking a DevSecOps Engineer responsible for automating security integration throughout the CI / CD pipeline and the AWS cloud environment. This role will "shift security left" by taking the lead on implementing security-as-code tools, managing their usage, ensuring their proper configuration and compliance, and proactively embedding security policy into the development process. Our ideal candidate is passionate about being part of a "change," and working in a dynamic and highly collaborative environment focused on speed, stability, and security.

The DevSecOps Engineer provides hands-on expertise to integrate and maintain the security posture for corporate systems that support Federal programs, ensuring a successful program Authority To Operate (ATO). You will be responsible for developing, monitoring, and maintaining systems and procedures to safeguard internal information systems, networks, and CI / CD pipelines through automation.

Applicant Requirements :

  • US citizen or must be authorized to work in the United States
  • Must have lived in the USA for three years of the last five years
  • Must be able to obtain a US federal gov badge and eligible for Public Trust clearance
  • Must be able to pass a background check, including a drug test

Job Responsibilities :

  • Develop, implement, and maintain security automation throughout the entire SDLC, integrating security into the CI / CD pipelines using Jenkins / Github and Infrastructure-as-Code (IaC) principles.
  • Run and manage security scans with tools such as Snyk (SAST / SCA) and establish automated tracking and enforcement mechanisms for vulnerability remediation.
  • Integrate and manage security workloads running on AWS containers and ensure container image scanning and runtime security policies are enforced.
  • Design, manage, and maintain source code for AWS infrastructure in GitHub and manage automated pipelines, ensuring security checks and gates are embedded in every deployment.
  • Maintain security information on JIRA / Confluence and actively participate in agile DevSecOps practices, promoting a "Secure-by-Design" culture.
  • Provides hands-on support for developing, coordinating, implementing, and enforcing information systems security policies, standards, and methodologies as code.
  • Maintain operational security posture for Enterprise Salesforce FISMA system by ensuring security is baked into configuration and deployment practices.
  • Implement security tools, security tool usage, and policy-as-code to ensure configurations remain compliant and configured properly, all while ensuring a successful program ATO.
  • Automate vulnerability / risk assessment analysis to support continuous monitoring and authorization.
  • Manages changes to the system and assesses the security impact of those changes through automated compliance checks.
  • Assists with the management of security aspects of the information system and performs day-to-day security operations of the system
  • Evaluate security solutions to ensure they meet security requirements for processing classified information
  • Performs vulnerability / risk assessment analysis to support certification and accreditation
  • Prepares and reviews documentation to include System Security Plans (SSPs), Risk Assessment Reports, Certification and Accreditation (C&A) packages, and System Requirements Traceability Matrices (SRTMs)

    • Qualifications & Skills :

  • Bachelor's or Master's degree in Computer Science, Engineering, Information Technology, or a related discipline
  • Minimum of 6 years related experience in Information Technology including 4 years in the DevSecOps or Application Security (AppSec) space.
  • Demonstrated hands-on experience in cloud environments such as AWS Commercial and GovCloud, specifically with security automation, logging, and monitoring services (e.g., GuardDuty, Security Hub, CloudTrail).
  • Expertise in CI / CD pipeline management and the integration of security tools for Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and Software Composition Analysis (SCA).
  • Required : Strong hands-on experience with AWS, Snyk, GitHub, JIRA, and Confluence to implement and manage the end-to-end DevSecOps toolchain.
  • Demonstrated work experience with Infrastructure-as-Code (IaC) security (e.g., using Checkov or Terrascan on Terraform / CloudFormation).
  • (Preferred) Experience with Salesforce Platform and tool ecosystem
  • (Preferred)Salesforce or any other platform tool - Configuration / Setup of External Client Applications and Secure Communications (TLS)
  • (Preferred) AppOmni - Have used it and can manage issues, perform new org additions and configurations.
  • Strong background in the certification and accreditation process (ATO) and the ability to automate compliance checks against frameworks like FISMA, NIST, and FedRAMP.
  • Possesses working knowledge of business security practices, current security automation tools, and policy-as-code implementation.
  • Demonstrated working knowledge of vulnerability assessment and penetration testing processes, focusing on how to automate these checks.
  • Experience with Government Agency Security Assessment Process in support of maintaining and / or establishing an ATO and the appropriate boundary.
  • Experience with, understanding of and adherence to guidelines such as FISMA, NIST, HIPPA, and IRS Pub-1075 (Preferred)

    • Preferred Certifications :

  • Require AWS DevOps or SysOps or equivalent Certification
  • Preferably possess industry certification such as the CISSP, CEH, GIAC, etc

    • Job Type : Full Time

    Salary : BOE

    Benefits :

  • 401(k) with employer contribution
  • Medical / Dental / Vision insurance (option for full coverage for employee)
  • Life, ST / LT insurance
  • Professional development opportunities

    • Schedule :

  • 8 hour shift
  • May include minimal after hours support depending on deployment schedule

    • Work Type :

  • Hybrid remote in Ellicott City, MD 21043
  • 1 to 2 days in office weekly
    • [job_alerts.create_a_job]

    Aws Engineer • Ellicott City, MD, United States

    [internal_linking.related_jobs]
    AWS Cloud Engineer

    AWS Cloud Engineer

    Barrow Wise Consulting • MD, USA
    [job_card.full_time]
    [filters_job_card.quick_apply]
    Enjoy problem-solving, need a venue to display your creativity, and emerging technologies pique your interest; if so, Barrow Wise Consulting, LLC is for you. As a multi-disciplined leader, you under...[show_more]
    [last_updated.last_updated_30]
    Cloud Engineer

    Cloud Engineer

    MANTECH • Fort Meade, Maryland, US
    [job_card.full_time]
    In this role, you will develop, maintain, and enhance complex cloud systems based upon documented requirements.Responsibilities include, but are not limited to : . Provides cloud software development / ...[show_more]
    [last_updated.last_updated_variable_hours] • [promoted] • [new]
    DevOps Engineer- 3405121

    DevOps Engineer- 3405121

    CTC • Annapolis Junction, MD, US
    [job_card.full_time]
    Computer Technologies Consultants (CTC, Inc.US Navy Enterprise Networks program in Annapolis Junction, MD.With offices in Washington DC and San Diego, CA, CTC is a leading technology company provid...[show_more]
    [last_updated.last_updated_30] • [promoted]
    Cloud Engineer (AWS)

    Cloud Engineer (AWS)

    Contact Government Services, LLC • Baltimore, MD, US
    [job_card.full_time]
    Employment Type : Full-Time, Experienced .Department : Information technology .We are seeking a Cloud Engineer (AWS) who will be responsible for supporting the development of a...[show_more]
    [last_updated.last_updated_30] • [promoted]
    DevOps Engineer

    DevOps Engineer

    RSC2 • Hanover, MD, US
    [job_card.full_time]
    Small Business Administration (SBA) Certified HUBZone Professional Services company headquartered in Baltimore, Maryland. RSC2 provides breakthrough expertise, support services, and technologies to ...[show_more]
    [last_updated.last_updated_30] • [promoted]
    DevOps Engineer

    DevOps Engineer

    ClearEdge • Annapolis Junction, MD, US
    [job_card.full_time]
    Join ClearEdge and be a part of a dynamic team that solves some of the DoD’s most complex technical challenges.Every day, ClearEdge empowers our customers in government and industry with inno...[show_more]
    [last_updated.last_updated_30] • [promoted]
    Senior DevOps Engineer (Cloud)

    Senior DevOps Engineer (Cloud)

    Amatriot Group, LLC • Annapolis Junction, MD, US
    [job_card.full_time]
    This represents the potential salary range for this position depending on education level, years of experience and / or certifications in addition to other position specific requirements which may im...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    DevOps Engineer (Terraform)- 3429928

    DevOps Engineer (Terraform)- 3429928

    CTC • Annapolis Junction, MD, US
    [job_card.full_time]
    Computer Technologies Consultants (CTC, Inc.DevOps Engineer with a strong specialization in Terraform to join our dynamic team on a US Navy Enterprise Networks program in Annapolis Junction, MD.In ...[show_more]
    [last_updated.last_updated_30] • [promoted]
    DevOps Engineers - Poly required

    DevOps Engineers - Poly required

    Leidos Inc • Annapolis Junction, MD, United States
    [job_card.full_time]
    National Security Sector's (NSS) Cyber & Analytics Business Area (CABA).Our talented team is at the forefront in Security Engineering, Computer Network Operations (CNO), Mission Software, Analytica...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    Cloud Engineer

    Cloud Engineer

    Prime Time Consulting • Annapolis Junction, MD, US
    [job_card.full_time]
    Prime Time Consulting, a GRVTY Company, provides clients with expert intelligence analysis services.Our clients include defense contractors, industrial and service corporations, and departments and...[show_more]
    [last_updated.last_updated_30] • [promoted]
    DevOps Engineer (Terraform)

    DevOps Engineer (Terraform)

    HRUCKUS • Annapolis Junction, MD, United States
    [job_card.full_time]
    Veteran-Owned Firm Seeking a DevOps Engineer (Terraform) with TS / SCI for a role in Annapolis Junction, MD.I lead a Veteran-Owned management consulting firm in Washington, DC.We specialize in Techni...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    AWS Engineer

    AWS Engineer

    Zone IT Solutions • Owings Mills, MD, US
    [job_card.full_time]
    We are looking for a skilled AWS Engineer.In this role, you will be responsible for the design, implementation, and management of AWS cloud solutions to help our clients optimize their operations.M...[show_more]
    [last_updated.last_updated_30] • [promoted]
    DevSecOps Engineer

    DevSecOps Engineer

    Dark Wolf Solutions • Fort Meade, MD, US
    [job_card.full_time]
    Deployment (CI / CD) tools and processes used by the development team, and / or to maintain the deployed software product and ensure observability and security across its lifecycle.A successful candida...[show_more]
    [last_updated.last_updated_30] • [promoted]
    Senior DevOps Engineer

    Senior DevOps Engineer

    Leidos Inc • Annapolis Junction, MD, United States
    [job_card.full_time]
    National Security Sector's (NSS) Cyber & Analytics Business Area (CABA).Our talented team is at the forefront in Security Engineering, Computer Network Operations (CNO), Mission Software, Analytica...[show_more]
    [last_updated.last_updated_30] • [promoted]
    Senior DevOps Engineer (.NET / Azure / Accela / Government systems)

    Senior DevOps Engineer (.NET / Azure / Accela / Government systems)

    Trigyn Technologies Inc • Baltimore, MD, US
    [job_card.full_time] +1
    Immediate contract to hire opportunity for Senior DevOps Engineer with direct client in Baltimore, MD.Trigyn's direct client has a contract to hire opportunity (Temp to Perm full time) for a Senior...[show_more]
    [last_updated.last_updated_variable_days] • [promoted]
    DevOps Engineers

    DevOps Engineers

    Artera Technologies • Fort Meade, MD, US
    [job_card.full_time]
    [filters_job_card.quick_apply]
    Full Time Level : Mid, Senior, Principal Location : Maryland (Annapolis Junction / Fort Meade area) Security Clearance : TS / SCI with Appropriate Agency Polygraph Artera Technologies, LLC’s Cloud...[show_more]
    [last_updated.last_updated_30]
    Principal DevOps Engineer

    Principal DevOps Engineer

    GliaCell Technologies • Annapolis Junction, MD, US
    [job_card.full_time]
    [filters_job_card.quick_apply]
    Are you a Principal DevOps Engineer who is ready for a new challenge that will launch your career to the next level?.Tired of being treated like a company drone?.Tired of promis...[show_more]
    [last_updated.last_updated_30]
    DevSecOps Engineer (Platform & Operations)

    DevSecOps Engineer (Platform & Operations)

    DarkStar Intelligence LLC • Fort Meade, MD, US
    [job_card.full_time]
    [filters_job_card.quick_apply]
    DevSecOps Engineer (Platform & Operations) Location : .Fort Meade, MD | Type : Full-Time | Clearance : TS / SCI CI Poly Note : These positions are part of an active proposal effort and are contingent ...[show_more]
    [last_updated.last_updated_30]