Kforce has a client in search of a DevSecOps Engineer in Irving, Texas (TX).
We are looking for an experienced DevSecOps Engineer to help integrate security into Agile/DevOps strategy and practices by using DevSecOps principles, processes and tools. You will also build automation/infrastructure as code to enforce cloud infrastructure security. You will automate security processes into CI/CD pipeline.
As part of our Product Security team, you will be responsible for the following primary activities:
* Build and maintain DevSecOps pipelines to adopt shift-left paradigm for security testing (SAST, DAST, IAST, RASP, etc.)
* Develop and evangelize best practices for DevSecOps and secure CI/CD
* Conduct research on new security tools for new projects and ongoing initiatives
* Collect security-related metrics and increase security visibility across the organization
* Deploy and manage security tools to cloud infrastructure platforms such as Google Cloud or AWS, through automation using infrastructure-as-code principles
* Work with teams to bring continuous improvement to DevSecOps processes and tools
* Bachelor's degree or four or more years of work experience
* Hands-on experience with CI/CD tools such as GitLab, Jenkins, Nexus, Artifactory or comparable substitutes
* Experience with software security, secure coding, or software assurance tools and techniques
* Experience in software development
Even better if you have:
* A degree in Computer Science, Computer Engineering or a related field
* Certifications: One or more of the following CISSP, CISM, CRISC, GSEC
* Demonstrated skill with at least one or more configuration management/scripting technologies such as Ansible, Chef, Puppet
* Hands-on experience with tools and technologies used throughout secure SDLC (e.g., Fortify/Checkmarx/Veracode, WhiteSource/Blackduck)
* Proven track record of securely architecting and owning cloud platforms such as (AWS, GCE, Azure) using Infrastructure as Code techniques
* Experience with Linux Containers (Docker), Kubernetes, and deployment of containerized applications/microservices architectures
* Experience in Information Security, Networking or Security Risk Management
* Experience developing software or scripting with Java, Python, etc.
* Thorough understanding of Agile & DevOps methodologies
* Experience with ISO 27001-2, NIST 800-53, or other controls standards
* Excellent documentation and organization skills
* Ability to multitask, take direction, prioritize, and manage multiple activities/tasks to achieve objectives
* Excellent oral, written, and interpersonal skills
* Ability to present and communicate to both superiors and peers
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.