DevOps Engineer
Arlington, Virginia
Onsite
Full Time
$120k - $140k
DevOps Engineer
This company is a small team on a mission to transform government technology acquisition and innovation scouting. Their purpose-driven approach allows to create a meaningful impact, making our work environment ideal for those looking to break free from the mundane and grow together.
The company is located in Rosslyn, VA and will be a 5 days on site in Rosslyn, VA.
Required Skills & Experience:
Cloud Security Team
This position doesn’t provide sponsorship.
This company is a small team on a mission to transform government technology acquisition and innovation scouting. Their purpose-driven approach allows to create a meaningful impact, making our work environment ideal for those looking to break free from the mundane and grow together.
The company is located in Rosslyn, VA and will be a 5 days on site in Rosslyn, VA.
Required Skills & Experience:
Cloud Security Team
- Develops and conducts security awareness and training programs.
- Designs, implements, and maintains security systems to protect networks and data.
- Creates and enforces security policies to comply with industry standards like GDPR, FISMA, and NIST 800-53 FedRAMP.
- Manages security infrastructure, including IDS/IPS systems.
- Configures and uses Splunk for security monitoring and incident response.
- Reviews and investigates daily security alerts.
- Analyzes and addresses security incidents and implements preventive measures.
- Generates regular security reports.
- Integrates security measures into system designs with cross-functional teams.
- Conducts risk and vulnerability assessments and recommends solutions.
- Provides insights on potential security risks and enhancements.
- Performs security audits and assessments, including user access control and vulnerability assessments.
- Updates system policies and procedures (e.g., SSP).
- Stays current with security threats and trends.
- Performs penetration testing and monthly security scans using tools like Burp, OWASP, and Nessus.
- Reviews, analyzes, and documents scan findings in GitLab.
- Conducts STIG or CIS Compliance scans and documents findings.
- Performs independent research on security vulnerabilities and provides remediation processes.
- Documents security issues and findings in GitLab.
- Tracks and manages POA&M lists and holds monthly security meetings.
- Documents deviations and exceptions in GitLab.
- Participates in incident response activities.
- Manages and maintains security tools and technologies.
- Collaborates with vendors to implement security solutions.
- Assesses and configures new security tools.
- Experienced with AWS native security tools.
- Takes ownership of tasks and adapts quickly to new challenges.
- Strong troubleshooting and problem-solving skills; communicates effectively with team members.
- Designs and deploys scalable, secure AWS cloud infrastructure solutions.
- Experienced with AWS tools and services like ECS, IAM, KMS, S3, and CloudWatch.
- Manages virtual machines, EC2, containers, and serverless functions.
- Implements and manages VPC networking components for secure communication.
- Manages IAM policies and controls within AWS.
- Experienced with networking, Cloud Guard Network Security, NFS, LVM, and rsyslog.
- Proficient in scripting (bash, Python) for task automation.
- Utilizes Terraform and Ansible for infrastructure automation and server hardening.
- Implements DevSecOps using GitLab for pipeline automation with AWS containers.
- Configures security endpoint tools and SIEM tools like Splunk.
- Monitors and optimizes cloud resource performance.
- Implements backup and disaster recovery strategies.
- Ensures compliance with security and privacy standards like GDPR, FISMA, and NIST 800-53 FedRAMP.
- Develops SOPs and updates technical documentation.
- Conducts regular security assessments and audits.
- Collaborates on cloud infrastructure best practices.
- Stays current with cloud technologies and trends.
- Provides technical support and troubleshooting.
- Conducts independent research on new tools and their configuration.
- Takes ownership of tasks and adapts quickly to new challenges.
- Experienced with web (nginx), application (tomcat), and database (MariaDB) administration.
This position doesn’t provide sponsorship.