DevSecOps Engineer Level 2

Roles and Responsibilities Requirements:

The DevSecOps Engineer Level 2 provides senior-level platform management architecture and support the unification and automation of processes to enable the development of software capability across the entire DOL organization, instrumental in combining code, application maintenance, and application management. Create, lead, and implement the tools to deliver an automated, CI/CD pipeline-based DevSecOps system capable of supporting containers, compiled software applications, scripts, and source code in a pre-compiled state. The DevSecOps engineer Level 2 brings a strong understanding of the development lifecycle goals and the transactions occurring within pipelines, scanning tools, deployments, and all development lifecycle steps. Work across the development, security, operations, and infrastructure (HW and SW) teams to ensure that the DevSecOps tools and processes support the holistic system development, integration, and fielding effort. Works actively with application development teams to coordinate and optimize the steps that execute within the DevOps ecosystem and bring consistency and best practices in approach, tools, and standards. Also, create and maintain fully automated Continuous Integration (CI) build and Continuous Deployment (CD) processes, which include writing builds and deployment scripts. Actively participates and provides inputs in major design decisions working with Architects. Designs and develops the system to set the standard for future development and craft an architecture that smoothly works with existing infrastructure without compromising security. Identifies and introduces new opportunities to build platform-based solutions to help users meet their toughest challenges. Demonstrates experience identifying marketplace plugins and/or designing/developing custom connectors as needed. Supports DOL to set the long-term strategy and roadmap for each team's platform standardization, modernization, and process/tool adoption.

Experience Requirements:

• Bachelor's degree with seven (10) plus years IT development experience (with a minimum of 5 years of experience in DevSecOps practice & tools);
• Experience building DevSecOps services in IaaS/PaaS/SaaS in Cloud (AWS, Azure) environments and good understanding of their security considerations;
• Familiarity with containerization and orchestration tools like Docker and Kubernetes;
• Experience with Kubernetes, Docker, and/or other cloud orchestration technologies;
• Experience with CI/CD best practices, automated builds and tests, quality gates, software quality, and CI tools, i.e., Jenkins, Ansible, Terraform, etc.;
• Experience with configuration management tools, i.e., Git, GitHub, GitLab, Bitbucket, others;
• Familiarity with branching strategies, gated commits, source-controlled management, etc;
• Familiarity with the principle of DevSecOps; Atlassian JIRA or other defect tracking tool experience; Atlassian Confluence, GitLab/GitHub, Jenkins, and artifact repository experience;
• Familiarity with security coding standard best practices, static and dynamic scanning tools, i.e., SonarQube, Fortify, Coverity, PCLint, etc;
• Programming and scripting experience in a UNIX environment (Bash, Shell, PowerShell, Perl, Python, Bash, Ruby, Shell, Scripts);
• Must have Agile/SAFe, and other related developer certifications and or demonstrate equivalent experience;