DevSecOps Engineer

DevSecOps Engineer

Location: Washington, DC metro area (Remote Work)

Security Clearance Requirements

• Must be a U.S. citizen OR Permanent Resident Alien (Green card holder and NOT H1 Visa holder)
• Ability to obtain an IRS MBI (Minimum Background Investigation) Security Clearance from the Federal Agency.
• Active IRS MBI Clearance is highly desirable

Node is seeking highly skilled and motivated DevSecOps Engineers to begin an exciting and challenging career with our large Enterprise Application Support Program on one of our project delivery teams. As a DevSecOps Engineer, you will integrate security practices into our DevOps processes, ensuring the development and deployment of secure applications. The ideal candidate will possess a strong background in both security and DevOps methodologies, with a passion for automating security processes and enhancing the overall security posture of our customer infrastructure and applications.

• Integrate security into the CI/CD pipeline, automating security controls and ensuring security is embedded throughout the development lifecycle.
• Collaborate with development, operations, and security teams to define and implement security best practices and standards.
• Conduct security assessments, vulnerability analysis, and penetration testing to identify and mitigate security risks.
• Develop and maintain secure infrastructure as code (IaC) scripts using tools like Terraform, Ansible, or CloudFormation.
• Implement and manage security tools and technologies such as SIEMs, IDS/IPS, firewalls, and endpoint protection.
• Monitor and respond to security incidents, performing root cause analysis and implementing corrective measures.
• Educate and train development and operations teams on secure coding practices and security tooling.
• Stay up to date with the latest security threats, trends, and technologies, and proactively address potential risks.
• Create and maintain documentation related to security policies, procedures, and standards.
• Participate in security audits and compliance initiatives to ensure adherence to industry regulations and standards.

• Bachelor's degree in Computer Science, Management Information Systems, or relevant discipline (4 years of equivalent experience)
• Minimum of 5+ years of experience in DevOps, security engineering, or a related field experience with:
  • Strong understanding of security principles and best practices, including threat modeling, risk assessment, and vulnerability management.
  • Proficiency with DevOps tools and practices, including CI/CD pipelines, containerization (Docker, Kubernetes), and version control systems (Git).
  • Proficiency in containerization technologies (Docker, Podman) and orchestration tools (Kubernetes, OpenShift).
  • Experience with security tools such as OWASP ZAP, Burp Suite, Nessus, Metasploit, or similar.
  • Solid understanding of cloud security concepts and experience with cloud platforms (AWS, Azure, Google Cloud).
  • Strong scripting and automation skills using languages such as Python, Bash, or PowerShell.
  • Excellent problem-solving skills and the ability to think critically about potential security issues and solutions.
  • Effective communication and collaboration skills, with the ability to work cross-functionally and educate team members.
  • Relevant certifications such as CISSP, CEH, OSCP, AWS Certified Security – Specialty, or similar are preferred.
  • Maintenance and ongoing development of continuous build/integration infrastructure.
  • Provide Source Control Management/Documentation, create and maintain fully automated CI build processes for multiple environments; write, build and deploy scripts.
  • Support CI/CD tools integration, operations, change management, and maintenance. Support full automation of CI/CD testing.
  • Support policies, standards, guidelines, governance and related guidance for both CI/CD operations and for work of developers.
  • Enable successful release management by moving code from Development and Testing environments to Staging and Production.
  • Work closely with software developers, production support, and information security to automate and support infrastructure and tooling in cloud-based platforms.
  • Provide guidance and apply agile and DevOps/DevSecOps practices to streamline product delivery and reliable operations of product.
  • Continuously identify opportunities to automate and increase efficiency.

• Proven background working in DevOps software development environments with specific experience and knowledge in one or more of the following areas:
• Software Program Management / Acquisition
• Agile software development with Scrum or Kanban
• Agile collaboration tools such as Atlassian Jira, Confluence
• CI/CD with Jenkins, GitLab, Bitbucket, or MS Azure
• Cloud - Platform One
• Cross Domain Solutions
• C-ATO
• Multi-Level Security Networks (MLS / MILS)
• Containerization with Docker or Red Hat Podman
• Container management with Kubernetes and Helm
• Security automation
• Experience with compliance frameworks and standards such as ISO 27001, NIST, SOC 2, or GDPR.
• Familiarity with security orchestration, automation, and response (SOAR) solutions.

Node.Digital is an independent Digital Automation & Cognitive Engineering company that integrates best-of-breed technologies to accelerate business impact. Our Core Values help us in our mission. They include:

OUR CORE VALUES
Identifying the~RIGHT PEOPLE~and developing them to their full capabilities

Our customer’s “Mission” is our “Mission”. Our~MISSION FIRST~approach is designed to keep our customers fully engaged while becoming their trusted partner

We believe in~SIMPLIFYING~complex problems with a relentless focus on agile delivery excellence

Our mantra is “~Simple*Secure*Speed~” in delivery of innovative services and solutions

We are proud to offer competitive compensation and benefits packages to include

• Medical
• Dental
• Vision
• Basic Life
• Health Saving Account
• 401K
• Three weeks of PTO
• 10 Paid Holidays
• Pre-Approved Online Training