DevSecOps Engineer

Maximus TCS (Technology and Consulting Services) Internal Job Profile Code: TCS088, T4, Band 7

Job-Specific Essential Duties and Responsibilities:

- Provides Development, Security, and Operations (DevSecOps) areas of incident response, vulnerability scanning and management, problem management, certificate management, penetration testing, password policy management, data analysis of network security, remediation patching coordination, and compliance efforts.

- Implements automated application security testing tools, making users aware of how to best use application security features.

- Collaborates to develop an automated security framework for strong deployment tools and processes, leveraging various scripting languages and open-source solutions.

- Recommends automation improvements to replace manual tasks for network infrastructure provisions and security operational processes.

- Gathers requirements, designs and implements solutions, and fixes network or security operational issues.

- Manages end-user and administration access for access control.

- Performs network or security analysis and troubleshooting; diagnoses root cause analysis, using monitoring tools and system analytics; and applies system patches to DevOps tooling.

- Updates security procedures and maintains operations runbooks to report procedures and operations to avoid recurring issues.

- Sets up, conducts risk assessment, monitors, and maintains proxy servers, systems, and firewalls.

- Performs penetration testing and security code reviews.

- Coordinates change requests and provide status updates.

- Researched technology trends and best practices for cloud site reliability engineering.

Minimum Requirements

TCS088, T4, Band 7

Job-Specific Minimum Requirements:

- BS in Computer Science, information Technology, or related field.

10 Years of experience or multiple IT certifications may be substituted for a degree.

- 8 Years of work-related experience required.

- Active Top Secret with SCI eligibility required.

- Security+ or DoD 8570 IAT-II certification required.

- Ability to travel 10% - 20%.

Preferred Skills and Qualifications:

- Certified Kubernetes Application Developer (CKAD), Red Hat Certified Engineer (RHCE), Certified Jenkins Engineer (CJE), AWS Certified DevOps Engineer, Certified Kubernetes Engineer (CKA), GitLab Certified DevOps Professional, or similar certifications.

- Familiar with technical aspects for IT and IAT-Level II Certifications.

- Experience with CI/CD pipelines, infrastructure as code, and containerization technologies.

- Expertise in cloud platforms, automation tools, scripting languages, and security testing tools.

- Understanding of AWS, Azure, or GCP and their security services.

- Understanding of USAF IT systems, networks, and platforms.

- Experience with Jenkins, GitLab CI, Azure DevOps, or similar tools for automating the build, test, and deployment process.

- Proficiency with tools like Terraform, Ansible, or CloudFor...