Senior Cyber Security DevSecOps Engineer
Company: Engility Corporation
Posted on: June 10, 2021
SAIC has an opening for a Cyber Security DevSecOps Specialist.
This position can be worked 100% remote nationwide. We are seeking
a Senior Principle to support an Artificial Intelligence
development environment in the highly regulated Government
environment. This position will report to the Cyber Security
Engineering Sr Manager. This role is a key business enabler to
provide information security risk analysis and strategic
recommendations for a current AI development project for a wholly
owned subsidiary of SAIC. The candidate should have deep cyber,
secure development, and governmental security experience and
knowledge. Develops and implements security controls and formulates
operational risk mitigations in FEDRAMP cloud environments Involved
in a wide range of security decisions for an ongoing development
project. Researches, evaluates and recommends new security tools,
techniques, and technologies and introduces them to the enterprise
in alignment with IT security strategy and ensures these
technologies meet current NIST 800-171 and CMMC requirements.
- Play a key role in the overall security system design of large
scale AGILE development project.
- Provide Cyber guidance to a secure development team developing
solutions for classified and unclassified government network
- Guide the implementation of the required government policy
(i.e. NIST SP 171, CMMC FEDRAMP, and makes recommendations on
process tailoring as it applies to product development.
- Maintain and enhance the standing security systems, deploy new
security capabilities and provide security engineering services to
non-security specific IT efforts.
- Secure coding implementation and guidance of a development
team. Implement secure coding gates and process into an AGILE
development team processes.
- Develops advanced technological ideas and guides their
development into a final product. Erroneous decisions or
recommendations would typically results in failure to achieve
critical organizational objectives and affect image of
organization's technological capability.
- Participates with senior managers to establish strategic plans
and objectives. Recommends/makes decisions on administrative or
project work matters and ensures effective achievement of program,
project, or organizational objectives.
- Performs analyses to validate established security requirements
and to recommend additional security requirements and safeguards.
Supports the formal Security Test and Evaluation (ST&E)
required by each government accrediting authority through pre-test
preparations, participation in the tests, analysis of the results,
and preparation of required reports.
- Maintain roadmaps, which include product selection, versions,
upgrades, projects and milestones.
Bachelors and 14 years of experience; Masters and 12 years of
experience; PhD or JD and 9 years of experience.
- Experience with Continuous Integration and Continuous Delivery
- Ability to meaningfully participate in code reviews and provide
security guidance to software development teams.
- Experience with automated software security testing
- Familiarity with microservice architectures and cloud-native
- Secure Software Lifecycle Professional Certification such as
- Experience with Public Cloud Platforms Architecture and
Deployment (AWS, Azure, GCP) configuration and administration of
security features & services.
- Demonstrated experience working with senior management on
highly sensitive projects that require the utmost discretion and
maintaining strict confidentiality on all data, records, and tasks
- Ability to effectively manage many different tasks
- Excellent written and communication skills.
- Maintain up-to-date detailed knowledge of the IT industry as it
relates to the technologies identified as primary responsibilities
including awareness of new or revised solutions and improved
- Basic knowledge of Security Standards/Controls specified under
various IT governance and compliance models (NIST, HIPAA, PCI,
GDPR, ISO 27001 27002).
- Possession of industry certifications highly preferred.
Including, but not limited to, Certified Information Systems
Auditor (CISA), Certified Information Systems Security Professional
(CISSP), Certified Information Security Manager (CISM), and Global
Information Assurance Certification (GIAC).
- Demonstrated ability to work in a fast-paced, deadline driven
- Demonstrated excellence in a variety of competencies including
teamwork/collaboration, analytical thinking, communication and
influencing skills, and technical expertise.
Keywords: Engility Corporation, Reston , Senior Cyber Security DevSecOps Engineer, Other , Reston, Virginia
Didn't find what you're looking for? Search again!