Diverse Agile Solutions logo

SecDevOps Engineer

Diverse Agile Solutions
Full-time
On-site
Washington, District of Columbia, United States
Cloud & Virtualization

Diverse Agile Solutions is looking for a DevSecOps engineer to support one of our government customers in Washington, D.C. 


Position Requirements:


Description 

Candidate will help build GitLab-based DevSecOps automated pipelines into AWS gov cloud; support and enable application delivery times on CI/CD platform; manage and operate GitLab CI/CD. 

 

Certification 

GitLab certification desired but not required. 

AWS certification desired but not required. 

 

Knowledge, Skills and Experience 

 Version Control Systems 

  • Proficiency with Git 
  • Advanced knowledge of GitLab, including CI/CD pipelines, merge requests, and issue tracking 
  • Familiarity with branching, promotion, and release strategies (such as SemRel) 
  • Familiarity using internalized registries and repositories (Nexus dependency management, internal container registries, etc.) 

 CI/CD 

  • GitLab CI/CD 
  • GitLab runners (configuration and management) 
  • GitLab components (Or generally developing and utilizing templates for CI/CD jobs in any platform, such as GitHub Actions) 

 Cloud Platforms 

  • Demonstrated proficiency with AWS (Lambda, EC2, S3, EBS/EFS, ECS, EKS, SNS, CloudWatch) 

 Containerization 

  • Docker (building, deploying, and managing containers) 
  • Kubernetes (orchestration, deployment strategies, security, troubleshooting) 
  • Container security best practices 
  • Including container hardening strategies, such as maintaining a secure “golden” image 
  • Deploying and managing container-based runners hosted on EKS 
  • GitOps tools and deployment principles (such as ArgoCD/Flux) 

 Security Testing 

  • Static Application Security Testing (SAST) 
  • Dynamic Application Security Testing (DAST) 
  • Interactive Application Security Testing (IAST) 
  • Software Composition Analysis (SCA) 
  • Container scanning tooling (Trivy, Prisma/Twistlock, Neuvector, etc..) 

 Infrastructure as Code (IaC) 

  • Terraform (writing, managing, and optimizing Terraform configurations) 
  • Other IaC tools (e.g., CloudFormation, Ansible) 

 Scripting and Programming 

  • Proficiency in scripting languages (e.g., Python, Bash) 
  • Basic to intermediate programming skills 
  • Experience working with a Linux-based shell, managing way around a Linux-based system 
  • Ability to work well in a paired programming environment at times 

 Automation 

  • Creating and maintaining automated security checks and remediations 
  • Integrating security into automated deployment processes 
  • Incorporating linting tooling into development processes 
  • Incorporating unit & performance testing into deployment processes