Overview
On Site
Full Time
Skills
Risk management framework
Google Cloud
NIST SP 800 Series
Security analysis
Risk analysis
Continuous monitoring
Computer science
Information security
Programming languages
Bash
Node.js
Vulnerability assessment
Quality assurance
Performance testing
Configuration Management
Manual testing
Continuous delivery
IT service management
Continuous integration
Automation
National Institute of Standards and Technology
Regulatory Compliance
Collaboration
Policies
Authorization
Training
Scripting
Python
Ruby
JavaScript
Groovy
YAML
JSON
Windows PowerShell
Java
Terraform
Docker
Kubernetes
Ansible
Progress Chef
Puppet
Jenkins
gitlab
Cloud computing
Amazon Web Services
Microsoft Azure
Communication
SEC
Testing
CISSP
Certified Ethical Hacker
OSCP
Agile
DevOps
Apex
SAP BASIS
Law
Innovation
Recruiting
Job Details
Job#: 2015678
Job Description:
* Please send resumes to Kaela at if youre interested! *
Responsibilities:
Key Responsibilities:
Support DevSecOps initiatives by developing and implementing test-driven security within a CI/CD pipeline
Create automation to support the NIST Risk Management Framework (SP800-37, SP800-53/53a).
Develop and track Plan of Action and Milestones (POA&Ms) to address identified security vulnerabilities and compliance gaps.
Able to document clear and repeatable process and train others to be able to perform automated assessment reviews.
Develop and implement security assessment automation tools to support DevSecOps practices.
Collaborate with development teams to integrate security assurance into the CI/CD pipeline.
Conduct security assessments and risk analyses on new and existing software.
Provide Subject Matter Expertise in the creation of security policies, standards.
Develop and document procedures specific to the role.
Work closely with compliance teams to ensure continuous monitoring and authorization.
Assist in developing security training and awareness for technical staff.
Stay current with evolving security landscape, industry trends, tools, and best practices.
Required Qualifications:
Bachelor's degree in Computer Science, Information Security, or a related field (preferred)
Proven experience with security assessment tools and methodologies.
Experience with wide range of programming languages, automation tools and scripting languages (e.g., Python, Ruby, Go, Bash/Shell, JavaScript/Node.js, Groovy, YAML/JSON, PowerShell, Java, Terraform).
Understanding languages in the context of various DevSecOps tools and platforms like Docker, Kubernetes, Ansible, Chef, Puppet, Jenkins, GitLab CI, and cloud service providers (AWS, Azure, Google Cloud Platform).
Experience with Policy as Code and Compliance as Code
Knowledge of compliance frameworks and continuous authorization processes. Prefer NIST SP800-37, SP800-53/53a.
Excellent communication skills and the ability to work collaboratively.
Operational vulnerability analysis.
Deep understanding of Dev/Sec/Ops processes and testing.
Preferred Qualifications:
Certifications such as GCSA, CISSP, CEH, or OSCP.
Experience in a policy and assurance or quasi-governmental environment.
Familiarity with cloud service providers and associated security challenges.
The candidate must possess skills that include experience with:
Test design, performance testing, test architecture, configuration management, troubleshooting,
excellent verbal and written and communication skills both horizontally and vertically, performing manual testing with agility and interaction, be proficient in continuous delivery, Agile, and DevOps.
EEO Employer
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or .
Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico.
Job Description:
* Please send resumes to Kaela at if youre interested! *
Responsibilities:
Key Responsibilities:
Support DevSecOps initiatives by developing and implementing test-driven security within a CI/CD pipeline
Create automation to support the NIST Risk Management Framework (SP800-37, SP800-53/53a).
Develop and track Plan of Action and Milestones (POA&Ms) to address identified security vulnerabilities and compliance gaps.
Able to document clear and repeatable process and train others to be able to perform automated assessment reviews.
Develop and implement security assessment automation tools to support DevSecOps practices.
Collaborate with development teams to integrate security assurance into the CI/CD pipeline.
Conduct security assessments and risk analyses on new and existing software.
Provide Subject Matter Expertise in the creation of security policies, standards.
Develop and document procedures specific to the role.
Work closely with compliance teams to ensure continuous monitoring and authorization.
Assist in developing security training and awareness for technical staff.
Stay current with evolving security landscape, industry trends, tools, and best practices.
Required Qualifications:
Bachelor's degree in Computer Science, Information Security, or a related field (preferred)
Proven experience with security assessment tools and methodologies.
Experience with wide range of programming languages, automation tools and scripting languages (e.g., Python, Ruby, Go, Bash/Shell, JavaScript/Node.js, Groovy, YAML/JSON, PowerShell, Java, Terraform).
Understanding languages in the context of various DevSecOps tools and platforms like Docker, Kubernetes, Ansible, Chef, Puppet, Jenkins, GitLab CI, and cloud service providers (AWS, Azure, Google Cloud Platform).
Experience with Policy as Code and Compliance as Code
Knowledge of compliance frameworks and continuous authorization processes. Prefer NIST SP800-37, SP800-53/53a.
Excellent communication skills and the ability to work collaboratively.
Operational vulnerability analysis.
Deep understanding of Dev/Sec/Ops processes and testing.
Preferred Qualifications:
Certifications such as GCSA, CISSP, CEH, or OSCP.
Experience in a policy and assurance or quasi-governmental environment.
Familiarity with cloud service providers and associated security challenges.
The candidate must possess skills that include experience with:
Test design, performance testing, test architecture, configuration management, troubleshooting,
excellent verbal and written and communication skills both horizontally and vertically, performing manual testing with agility and interaction, be proficient in continuous delivery, Agile, and DevOps.
EEO Employer
Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or .
Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico.