Description
SAIC is seeking a CyberSecurity DevSecOps Engineer to join our team and support the Department of the Air Force's (DAF) Cloud-Based Command and Control (CBC2) Product Support Team. The successful candidate will leverage their expertise in a variety of programming languages, frameworks, and technologies to perform compliance verification and validation across multiple applications.
Key Responsibilities
· Conduct comprehensive risk and vulnerability assessments at the network, system, and application levels.
· Perform NIST software compliance verification and validation for multiple government and contractor-based applications.
· Review and analyze application source code developed in multiple languages.
· Participate in cross-functional team diagnosis of problems to identify the root cause when one or more layers of a technology stack may be involved, especially in production environments.
· Conduct DevSecOps operations to manage 50+ GitLab CI/CD pipelines, including monitoring multiple tools and JIRA help desk queues.
· Read and interpret dataflow, network, and other developmental diagrams effectively.
· Research, evaluate, and recommend new security tools, techniques, and technologies, and introduce them to the enterprise in alignment with IT security strategy.
· Assist in the implementation of the required government policy (e.g., NISPOM, DCID 6/3), and make recommendations on process tailoring. Perform analyses to validate established security requirements and recommend additional security requirements and safeguards.
· Write and utilize documentation.
· Communicate effectively with multiple stakeholders, including Government and Contractor teams, using tools such as Email, Mattermost, Slack, MS Teams, and Zoom.
Qualifications
Required Skills/Experience:
· In-depth knowledge of at least one programming language (e.g., Java, Python, TypeScript, C++, etc.), frameworks (React, Angular, Spring, Django, Flask, etc.), design patterns, and technologies.
· Familiarity with CI/CD pipelines, build tools (NPM, Maven, etc.), SCA tools (SonarQube, Fortify, etc.), Docker image creation, and Kubernetes container deployments.
· IAT Level II Certification or higher required (e.g., CompTIA Security+).
· Bachelor's Degree and 9 years of experience.
· Basic knowledge of the Risk Management Framework (RMF) for Governmental Organizations.
· Current Top Secret Clearance.
SAIC accepts applications on an ongoing basis and there is no deadline.
Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.