Description The Multi Domain Solutions Division at Leidos is looking for an experienced
Senior DevSecOps Engineer to support a fast-paced program with the Air Force Life Cycle Management Center. This role is critical in establishing robust security practices throughout the software development lifecycle and ensuring compliance with stringent security standards. The ideal candidate will have extensive experience in DevSecOps, strong leadership abilities, and a commitment to fostering a culture of security within the organization. This position offers an exciting opportunity to shape the security landscape of an Air Force program, ensuring the secure development of software in a dynamic and innovative environment.
Primary Responsibilities:- Lead the design and implementation of security practices within the DevOps pipeline for DoD applications, ensuring alignment with regulatory requirements.
- Evaluate and select security tools, integrating them into CI/CD workflows to enhance application security.
- Conduct advanced vulnerability assessments, threat modeling, and penetration testing to proactively identify and mitigate security risks.
- Collaborate with cross-functional teams to develop and promote secure coding practices, incident response plans, and security training.
- Mentor and guide junior and mid-level engineers, fostering knowledge sharing and professional growth within the team.
- Drive the automation of security testing and compliance processes, utilizing Infrastructure as Code (IaC) and security automation tools.
- Stay abreast of industry trends, emerging threats, and best practices in DevSecOps and cybersecurity to continually improve security posture.
- Assessing, designing, developing, testing, and implementing Business Continuity & Disaster Recovery (BC/DR) solutions into a complex environment.
Basic Qualifications:- US Citizen and at least a Top Secret Clearance
- 8+ years of experience and a Bachelor's or advanced degree in Computer Science or similar field. Additional Experience may be considered in lieu of degree.
- Strong understanding of software development paradigms and supporting technologies (e.g. change management & version control, CI/CD, Agile planning tools such as Jira or Gitlab)
- Strong experience configuring CI/CD pipelines supporting software development activities in a DevSecOps environment
- Strong experience administering complex environments with Linux and Windows operating systems, network administration, and networking protocols/functions (e.g., HTTP, HTTPS, SSL/TLS, SMTP, DNS)
- Extensive experience integrating security tooling into a hybrid cloud environment, with a nuanced understanding of the capabilities and drawbacks of each component
- Extensive experience provisioning and managing resources within hybrid IaaS/Cloud infrastructures (e.g., Azure, AWS, Google Cloud Platform, etc.)
- Extensive experience with container technologies such as Docker and container orchestration tools like Kubernetes
- Experience with automated provisioning and configuration tools like Terraform, CloudFormation, Chef, Puppet, Ansible or similar technologies
- Experience integrating cloud services into solutions, especially Azure cloud services
- Excellent problem solving and analysis skills, including the ability to logically create structure and order from unstructured inputs.
- Self-starter that is able to work independently while possessing the communication skills to work effectively with software development teams and customers.
- Excellent interpersonal, verbal and written communication skills.
Preferred Qualifications:- Experience with Air Force Life Cycle Management Center programs.
- Microsoft Certified: Azure Solutions Architect Expert or similar certification.
- Advanced certifications such as Certified Information Systems Security Professional (CISSP), Certified DevSecOps Engineer (CDE), or similar.
- Extensive experience with security tools and practices relevant to DevSecOps (e.g., SAST, DAST, IAST).
- Experience deploying, configuring, and managing DevSecOps toolchains for an enterprise
- Familiarity with cloud platforms (e.g., AWS, Azure, Google Cloud) and their security frameworks.
- Strong understanding of container security and orchestration tools (e.g., Kubernetes).
- Experience delivering software solutions into high-security or air-gapped environments in defense or other highly regulated industries such as finance or healthcare
- Experience with compliance standards (e.g., OWASP, NIST) and DoD security regulations.
- Proven ability to drive change and influence security culture across an organization.
Original Posting Date: 2024-10-31While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.
Pay Range: Pay Range $101,400.00 - $183,300.00
The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.
#Featuredjob
About Leidos Leidos is a Fortune 500® innovation company rapidly addressing the world's most vexing challenges in national security and health. The company's global workforce of 47,000 collaborates to create smarter technology solutions for customers in heavily regulated industries. Headquartered in Reston, Virginia, Leidos reported annual revenues of approximately $15.4 billion for the fiscal year ended December 29, 2023. For more information, visit www.Leidos.com .
Pay and Benefits Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here .
Securing Your Data Beware of fake employment opportunities using Leidos' name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system - never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other person a l information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at [email protected] .
If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission .
Commitment to Diversity All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.