Sr. IT DevSecOps Engineer
Position Summary
The Sr. IT DevSecOps Engineer will build GitLabbased DevSecOps automated pipelines into AWS GovCloud, support and accelerate application delivery on the CI/CD platform, and manage and operate GitLab CI/CD environments.
Certifications
- GitLab certification desired but not required
- AWS certification desired but not required
Knowledge, Skills, and Experience
- Version Control Systems
- Proficiency with Git
- Advanced knowledge of GitLab, including CI/CD pipelines, merge requests, and issue tracking
- Familiarity with branching, promotion, and release strategies (such as SemRel)
- Familiarity using internalized registries and repositories (Nexus dependency management, internal container registries, etc.)
CI/CD
- GitLab CI/CD
- GitLab runners (configuration and management)
- GitLab components (or generally developing and utilizing templates for CI/CD jobs in any platform, such as GitHub Actions)
Cloud Platforms
- Demonstrated proficiency with AWS (Lambda, EC2, S3, EBS/EFS, ECS, EKS, SNS, CloudWatch)
Containerization
- Docker (building, deploying, and managing containers)
- Kubernetes (orchestration, deployment strategies, security, troubleshooting)
- Container security best practices
- Container hardening strategies, such as maintaining a secure golden image
- Deploying and managing container-based runners hosted on EKS
- GitOps tools and deployment principles (such as ArgoCD/Flux)
Security Testing
- Static Application Security Testing (SAST)
- Dynamic Application Security Testing (DAST)
- Interactive Application Security Testing (IAST)
- Software Composition Analysis (SCA)
- Container scanning tooling (Trivy, Prisma/Twistlock, Neuvector, etc.)
Infrastructure as Code (IaC)
- Terraform (writing, managing, and optimizing Terraform configurations)
- Other IaC tools (e.g., CloudFormation, Ansible)
Scripting and Programming
- Proficiency in scripting languages (e.g., Python, Bash)
- Basic to intermediate programming skills
- Experience working with a Linux-based shell and navigating Linux systems
- Ability to work well in a paired programming environment at times
Automation
- Creating and maintaining automated security checks and remediations
- Integrating security into automated deployment processes
- Incorporating linting tooling into development processes
ECCO Select is committed to hiring and retaining a diverse workforce. Our policy is to provide equal opportunity to all people without regard to race, color, religion, national origin, ancestry, marital status, veteran status, age, disability, pregnancy, genetic information, citizenship status, sex, sexual orientation, gender identity or any other legally protected category. Veterans of our United States Uniformed Services are specifically encouraged to apply for ECCO Select opportunities.
Job Type: Contract
Never miss an opportunity! Create an alert based on the job you applied for.
