Today
Top Secret/SCI
Mid Level Career (5+ yrs experience)
Unspecified
No Traveling
IT - Security
Patrick AFB, FL (Off-Site/Hybrid)
Position Title: DevSecOps Engineer – Cleared Software Engineering Environment Support
Location: Remote, with occasional travel to ISTI’s main offices and client sites as required
Clearance Level: Active security clearance required - Top Secret/Sensitive Compartmented Information - TS/SCI
Company Overview
ISTI (Instrumental Software Technologies, Inc.) is a geophysical software company renowned for providing cutting-edge custom software solutions, seismic monitoring, and consulting services. With expertise in fields ranging from seismology and nuclear physics to advanced software design, ISTI serves diverse sectors such as Nuclear Non-Proliferation and global Earthquake Monitoring. Our teams leverage advanced academic research, industry-leading technology, and multidisciplinary scientific insights to deliver robust, reliable solutions for our clients’ most critical needs.
Position Overview
ISTI is seeking a DevSecOps Engineer to join our engineering team and play a key role in securing our highly technical, cleared software environments. The ideal candidate will have a strong background in implementing security-focused DevOps practices within classified or high-security environments, particularly those requiring stringent compliance and zero-trust methodologies. This role will involve building, deploying, and maintaining scalable, secure infrastructure to support our custom solutions and seismic monitoring software for government and nuclear sectors.
Hot Initiatives or Likely Scenarios To Be Faced
Lead efforts with Gitlab CI/CD integration in a secure environment
Lead efforts to integrate existing software with onsite Oracle database
Lead efforts on identifying and following STIG processes
Lead efforts on analyzing security scans of delivered software and addressing security concerns.
Participate as development team member for a senior level distributed team of Scientists and Software Engineers.
Key Responsibilities
Secure DevOps Pipeline Development: Design, implement, and maintain a secure CI/CD pipeline for classified applications, enforcing least privilege and zero-trust principles.
Security Automation and Integration: Integrate security tools into the DevOps pipeline, including static and dynamic code analysis, dependency management, container security, and vulnerability scanning tools.
Cloud and On-Prem Infrastructure Management: Securely configure and manage multi-cloud and on-premises environments (AWS GovCloud, Azure Government, private data centers), with a strong emphasis on secure networking, access controls, and IAM policies.
Compliance and Auditing: Ensure that all processes, pipelines, and infrastructure comply with industry standards (e.g., NIST 800-53, FedRAMP, DISA STIGs), conducting regular security audits, vulnerability assessments, and penetration testing.
Incident Response and Monitoring: Develop automated systems for monitoring, alerting, and responding to security incidents in real-time, including advanced log management (e.g., ELK stack, Splunk) and intrusion detection systems (IDS).
Collaboration with Engineering and Research Teams: Work closely with nuclear physics and software teams to incorporate security measures from design through deployment, ensuring that ISTI’s software and systems maintain high integrity in classified environments.
Documentation and Knowledge Transfer: Create and maintain comprehensive security documentation, processes, and playbooks for continuous security improvements in DevSecOps workflows.
Required Qualifications
Security and DevOps Expertise: 5+ years of experience in a DevSecOps or Security Engineering role with a focus on building secure CI/CD pipelines for high-security environments.
Clearance Requirement: Active security clearance. TS/SCI
Technical Skills:
Containerization and Orchestration: Proficient in Docker, Kubernetes, and Helm with a focus on secure container lifecycle management.
Cloud Security: Advanced experience with AWS GovCloud, Azure Government, and hybrid cloud environments, including secure VPC setup, IAM, and identity federation.
Automation: Proficient in scripting (Python, Bash) and infrastructure-as-code tools (e.g., Terraform, Ansible) for automated secure configuration management.
Security Tools: Hands-on experience with tools such as Aqua Security, Twistlock, HashiCorp Vault, SonarQube, and GitLab CI/CD with security integrations.
Knowledge of Compliance Standards: In-depth understanding of NIST 800-53, NIST 800-171, FedRAMP, and DISA STIGs.
Incident Handling and Response: Strong skills in incident response, real-time monitoring, and threat intelligence using tools like Splunk, ELK stack, and Snort.
Preferred Qualifications
Front end development – React, Angular, etc.
Certifications: Relevant certifications, such as CISSP, AWS Certified Security Specialty, or Certified DevSecOps Professional, are a plus.
Advanced Security Practices: Experience with zero-trust architecture, secure data workflows, and compliance-driven automation in federal government or DoD environments.
Core Professional Competencies
Analytical and Problem-Solving Skills: Ability to work with complex scientific data and design security solutions that do not compromise operational efficiency.
Collaboration and Communication: Exceptional interpersonal skills to work effectively with researchers, engineers, and clients within secure environments.
Adaptability: Flexibility to work with evolving compliance requirements and diverse project demands.
ISTI offers a competitive compensation package, professional development opportunities, and the chance to contribute to groundbreaking solutions in geophysical software and seismic monitoring.
Location: Remote, with occasional travel to ISTI’s main offices and client sites as required
Clearance Level: Active security clearance required - Top Secret/Sensitive Compartmented Information - TS/SCI
Company Overview
ISTI (Instrumental Software Technologies, Inc.) is a geophysical software company renowned for providing cutting-edge custom software solutions, seismic monitoring, and consulting services. With expertise in fields ranging from seismology and nuclear physics to advanced software design, ISTI serves diverse sectors such as Nuclear Non-Proliferation and global Earthquake Monitoring. Our teams leverage advanced academic research, industry-leading technology, and multidisciplinary scientific insights to deliver robust, reliable solutions for our clients’ most critical needs.
Position Overview
ISTI is seeking a DevSecOps Engineer to join our engineering team and play a key role in securing our highly technical, cleared software environments. The ideal candidate will have a strong background in implementing security-focused DevOps practices within classified or high-security environments, particularly those requiring stringent compliance and zero-trust methodologies. This role will involve building, deploying, and maintaining scalable, secure infrastructure to support our custom solutions and seismic monitoring software for government and nuclear sectors.
Hot Initiatives or Likely Scenarios To Be Faced
Lead efforts with Gitlab CI/CD integration in a secure environment
Lead efforts to integrate existing software with onsite Oracle database
Lead efforts on identifying and following STIG processes
Lead efforts on analyzing security scans of delivered software and addressing security concerns.
Participate as development team member for a senior level distributed team of Scientists and Software Engineers.
Key Responsibilities
Secure DevOps Pipeline Development: Design, implement, and maintain a secure CI/CD pipeline for classified applications, enforcing least privilege and zero-trust principles.
Security Automation and Integration: Integrate security tools into the DevOps pipeline, including static and dynamic code analysis, dependency management, container security, and vulnerability scanning tools.
Cloud and On-Prem Infrastructure Management: Securely configure and manage multi-cloud and on-premises environments (AWS GovCloud, Azure Government, private data centers), with a strong emphasis on secure networking, access controls, and IAM policies.
Compliance and Auditing: Ensure that all processes, pipelines, and infrastructure comply with industry standards (e.g., NIST 800-53, FedRAMP, DISA STIGs), conducting regular security audits, vulnerability assessments, and penetration testing.
Incident Response and Monitoring: Develop automated systems for monitoring, alerting, and responding to security incidents in real-time, including advanced log management (e.g., ELK stack, Splunk) and intrusion detection systems (IDS).
Collaboration with Engineering and Research Teams: Work closely with nuclear physics and software teams to incorporate security measures from design through deployment, ensuring that ISTI’s software and systems maintain high integrity in classified environments.
Documentation and Knowledge Transfer: Create and maintain comprehensive security documentation, processes, and playbooks for continuous security improvements in DevSecOps workflows.
Required Qualifications
Security and DevOps Expertise: 5+ years of experience in a DevSecOps or Security Engineering role with a focus on building secure CI/CD pipelines for high-security environments.
Clearance Requirement: Active security clearance. TS/SCI
Technical Skills:
Containerization and Orchestration: Proficient in Docker, Kubernetes, and Helm with a focus on secure container lifecycle management.
Cloud Security: Advanced experience with AWS GovCloud, Azure Government, and hybrid cloud environments, including secure VPC setup, IAM, and identity federation.
Automation: Proficient in scripting (Python, Bash) and infrastructure-as-code tools (e.g., Terraform, Ansible) for automated secure configuration management.
Security Tools: Hands-on experience with tools such as Aqua Security, Twistlock, HashiCorp Vault, SonarQube, and GitLab CI/CD with security integrations.
Knowledge of Compliance Standards: In-depth understanding of NIST 800-53, NIST 800-171, FedRAMP, and DISA STIGs.
Incident Handling and Response: Strong skills in incident response, real-time monitoring, and threat intelligence using tools like Splunk, ELK stack, and Snort.
Preferred Qualifications
Front end development – React, Angular, etc.
Certifications: Relevant certifications, such as CISSP, AWS Certified Security Specialty, or Certified DevSecOps Professional, are a plus.
Advanced Security Practices: Experience with zero-trust architecture, secure data workflows, and compliance-driven automation in federal government or DoD environments.
Core Professional Competencies
Analytical and Problem-Solving Skills: Ability to work with complex scientific data and design security solutions that do not compromise operational efficiency.
Collaboration and Communication: Exceptional interpersonal skills to work effectively with researchers, engineers, and clients within secure environments.
Adaptability: Flexibility to work with evolving compliance requirements and diverse project demands.
ISTI offers a competitive compensation package, professional development opportunities, and the chance to contribute to groundbreaking solutions in geophysical software and seismic monitoring.
group id: ClearanceJobsSC
