Today
Top Secret
Unspecified
Unspecified
IT - Security
Arlington, VA (On-Site/Office)
Description
SAIC is seeking a CyberSecurity DevSecOps Engineer to join our team and support the Department of the Air Force's (DAF) Cloud-Based Command and Control (CBC2) Product Support Team. The successful candidate will leverage their expertise in a variety of programming languages, frameworks, and technologies to perform compliance verification and validation across multiple applications.
Key Responsibilities
• Conduct comprehensive risk and vulnerability assessments at the network, system, and application levels.
• Perform NIST software compliance verification and validation for multiple government and contractor-based applications.
• Review and analyze application source code developed in multiple languages.
• Participate in cross-functional team diagnosis of problems to identify root cause when one or more layers of a technology stack may be involved especially in production environments.
• Conduct DevSecOps operations to manage 50+ GitLab CI/CD pipelines, including monitoring multiple tools and JIRA help desk queues.
• Read and interpret dataflow, network, and other developmental diagrams effectively.
• Research, evaluate, and recommend new security tools, techniques, and technologies, and introduce them to the enterprise in alignment with IT security strategy.
• Assist in the implementation of the required government policy (e.g., NISPOM, DCID 6/3), and make recommendations on process tailoring. Perform analyses to validate established security requirements and recommend additional security requirements and safeguards.
• Write and utilize documentation.
• Communicate effectively with multiple stakeholders, including Government and Contractor teams, using tools such as Email, Mattermost, Slack, MS Teams, and Zoom.
Qualifications
Required Skills/Experience:
• In-depth knowledge of at least one programming languages (eg Java, Python, TypeScript, C++, etc.), frameworks (React, Angular, Spring, Django, Flask, etc.), design patterns, and technologies.
• Familiarity with CI/CD pipelines, build tools (NPM, Maven, etc.), SCA tools (SonarQube, Fortify, etc.), Docker image creation, and Kubernetes container deployments.
• IAT Level II Certification or higher required (e.g., CompTIA Security+).
• Bachelor's Degree and 9 years of experience.
• Basic knowledge of the Risk Management Framework (RMF) for Governmental Organizations.
• Current Top Secret Clearance.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
SAIC is seeking a CyberSecurity DevSecOps Engineer to join our team and support the Department of the Air Force's (DAF) Cloud-Based Command and Control (CBC2) Product Support Team. The successful candidate will leverage their expertise in a variety of programming languages, frameworks, and technologies to perform compliance verification and validation across multiple applications.
Key Responsibilities
• Conduct comprehensive risk and vulnerability assessments at the network, system, and application levels.
• Perform NIST software compliance verification and validation for multiple government and contractor-based applications.
• Review and analyze application source code developed in multiple languages.
• Participate in cross-functional team diagnosis of problems to identify root cause when one or more layers of a technology stack may be involved especially in production environments.
• Conduct DevSecOps operations to manage 50+ GitLab CI/CD pipelines, including monitoring multiple tools and JIRA help desk queues.
• Read and interpret dataflow, network, and other developmental diagrams effectively.
• Research, evaluate, and recommend new security tools, techniques, and technologies, and introduce them to the enterprise in alignment with IT security strategy.
• Assist in the implementation of the required government policy (e.g., NISPOM, DCID 6/3), and make recommendations on process tailoring. Perform analyses to validate established security requirements and recommend additional security requirements and safeguards.
• Write and utilize documentation.
• Communicate effectively with multiple stakeholders, including Government and Contractor teams, using tools such as Email, Mattermost, Slack, MS Teams, and Zoom.
Qualifications
Required Skills/Experience:
• In-depth knowledge of at least one programming languages (eg Java, Python, TypeScript, C++, etc.), frameworks (React, Angular, Spring, Django, Flask, etc.), design patterns, and technologies.
• Familiarity with CI/CD pipelines, build tools (NPM, Maven, etc.), SCA tools (SonarQube, Fortify, etc.), Docker image creation, and Kubernetes container deployments.
• IAT Level II Certification or higher required (e.g., CompTIA Security+).
• Bachelor's Degree and 9 years of experience.
• Basic knowledge of the Risk Management Framework (RMF) for Governmental Organizations.
• Current Top Secret Clearance.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.
group id: 10111346
