Senior DevSecOps Engineer
Herndon, VA
VivSoft Project – Information Technology Services /
Full-Time Remote /
Remote
About the company:
VivSoft is an emerging technology company that specializes in using modern technologies to solve our clients' toughest mission challenges. We are focused on Cloud, Enterprise DevSecOps, Artificial Intelligence, and Digital Customer Experience to drive mission-enabling digital transformation. Our passion is building mission-focused, open, scalable solutions. We are a diverse team of strategists, engineers, designers, and creators experienced in building high-performance software and AI factory accelerators by embracing automation.
Job Summary:
We are seeking an experienced and highly skilled Senior DevSecOps Engineer to join our team on a critical Department of Defense (DoD) project. As a senior member of our organization, you will lead the design, implementation, and management of secure DevOps practices, ensuring our systems are both efficient and secure. You will collaborate closely with development, operations, and security teams to integrate robust security measures across all phases of the software development lifecycle. We promote a culture of collaboration and professional growth, valuing your expertise and innovative thinking. Your leadership and technical expertise will be instrumental in safeguarding our Defense systems and advancing our mission to protect national security.
Key Responsibilities:
- Define and lead the implementation of DevSecOps strategies, ensuring security is integrated seamlessly into the development and operational processes.
- Architect, implement, and continuously improve secure CI/CD pipelines to automate and enhance software delivery with a focus on security.
- Develop and implement automated security controls, monitoring tools, and alerting systems to identify and mitigate potential threats.
- Provide technical leadership and mentorship to junior DevSecOps engineers and cross-functional teams, fostering a culture of continuous improvement and learning.
- Perform in-depth security assessments, vulnerability scans, and penetration testing, and lead efforts to remediate security gaps.
- Utilize and enhance Infrastructure as Code (IaC) tools such as Terraform and Ansible to automate the deployment and management of secure infrastructure.
- Work closely with development, operations, and security teams to ensure security best practices are integrated throughout the software development lifecycle.
- Ensure all systems and processes comply with DoD cybersecurity requirements and frameworks, such as NIST and DoD STIGs.
- Lead and coordinate incident response efforts, conducting thorough post-incident analysis and implementing improvements to enhance resilience.
- Stay up to date with emerging DevSecOps tools, technologies, and practices, driving innovation and continuous improvement in our security posture.
Skill/Qualification
- Active DoD security clearance is required.
- Bachelor's or master's degree in computer science, Information Technology, Cybersecurity, or a related field.
- 8+ years of experience in DevSecOps, DevOps, or a related field, with a strong focus on security within a DoD or government environment.
- Extensive experience with CI/CD tools and platforms Jenkins, GitLab CI, Azure DevOps.
- Strong scripting and automation skills in Python, Bash, PowerShell.
- Deep expertise in Infrastructure as Code (IaC) tools Terraform, Ansible.
- Proficiency with cloud platforms (e.g., AWS, Azure, Google Cloud) and container technologies (e.g., Docker, Kubernetes)
- In-depth knowledge of security frameworks and standards NIST, CIS, DoD STIGs.
- Strong experience with security tools such as SAST, DAST, SIEM, and vulnerability scanners
- Strong leadership and mentoring abilities.
- Excellent problem-solving and analytical skills.
- Effective communication and collaboration skills across diverse teams.
