DevSecOps Engineer 3

Role: DevSecOps Engineer 3

Location: Austin Texas 78711

12 months Contract with possibility to extension

The Worker will perform highly advanced DevSecOps related work as part of a crossfunctional team under the direction and guidance of the Shared Application Services manager. The Worker must have strong handson professional software development cybersecurity and/or IT operations experience building testing and deploying secure production applications and systems using continuous integration and continuous delivery/deployment (CI/CD) pipelines in a largescale enterprise environment. The worker will be responsible for integrating security measures into our DevOps processes automating security controls in CI/CD pipelines monitoring applications and infrastructure for security vulnerabilities and conducting regular security assessments. The worker will also provide training on secure coding practices and stay updated on new security technologies. They should have expertise in a variety of DevOps tools knowledge of DevOps automation and strong experience with Linux administration containerization technologies and microservices architecture. The worker is expected to proactively address potential security risks and performance issues to ensure the security stability and efficiency of our CI/CD pipelines.

Client will require the Worker to work on the following initiatives and will perform advanced tasks such as:

• CI/CD Modernization and automation of the entire pipeline from code checkin to deployment utilizing industry best practices such as Infrastructure as Code (IaC) Configuration as Code (GitOps) and BlueGreen and Canary Deployment Strategies.
• Implement Shift Left security approach by integrating security tools and automating security checks and compliance into the CI/CD pipeline.
• Monitoring and Observability to provide comprehensive monitoring logging and alerting for the CI/CD pipeline.
• Participating in all phases of SDLC.
• Performing extensive code reviews and analysis.
• Writing reports on code analysis to determine if industry standards and secure coding best practices are being followed; provide analysis to address found short comings.
• Providing guidance and knowledge sharing to existing development staff.

Number of Resumes allowed per Vendor: 2

II. CANDIDATE SKILLS AND QUALIFICATIONS

Minimum Requirements:

Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.

Years

Required/Preferred

Experience

8

Required

Professional experience in DevOps engineering Software Development or related field

7

Required

Experience with programming languages such as Java and .NET

6

Required

Experience with scripting languages such as Bash Python and PowerShell to automate repetitive tasks such as monitoring deployments and configuration management

5

Required

Experience in Cybersecurity and implementing and automating security best practices into CI/CD pipelines

5

Required

Experience with security testing tools such as SAST DAST or IAST

5

Required

Experience setting up and managing Jenkins servers creating and maintaining CI/CD pipelines integrating with other tools (e.g. Git Maven SonarQube) writing Groovy scripts for pipeline automation and monitoring and optimizing Jenkins performance.

5

Required

Experience with Infrastructure as Code tools like Ansible Terraform or Chef

5

Required

Experience with containerization and orchestration tools such as Docker and Kubernetes

5

Required

Experience with automation of infrastructure provisioning and configuration management

5

Required

Experience with Maven in building and managing Java projects maintaining POM files troubleshooting build issues dependency management and versioning and integrating with CI/CD pipelines

5

Required

Experience with Artifactory set up configuration managing binary repositories integrating with build tools (e.g. Maven and Jenkins) managing artifact lifecycle and versioning and implementing security and access controls.

5

Required

Experience with microservices architecture design development and containerization and orchestration

5

Required

Experience with SQL and NoSQL databases

5

Required

Experience designing developing testing integrating and implementing secure REST APIs

5

Required

Experience with code reviews and indepth code analysis

5

Required

Experience with highly complex application security requirements

5

Required

Experience with Git Bitbucket Subversion and version control systems

4

Required

Experience with SonarQube set up configuration integrating with CI/CD pipelines and analyzing code quality and security vulnerabilities

4

Required

Experience with Jira and Confluence

4

Required

Experience with Agile teams

3

Required

Experience with coaching training mentoring and knowledge transfer

4

Preferred

Experience with cloud technologies and platforms such as AWS and Azure

3

Preferred

Experience working with legacy applications/services

3

Preferred

Experience in modern web technologies such as JavaScript Node.js React.js Redux HTML5 CSS3

3

Preferred

Public sector experience (Federal State or Local Government)

2

Preferred

Proficient with the Microsoft Office products including Outlook TEAMS Microsoft Project Word Visio Excel and PowerPoint