DevSecOps Engineer

About BLEN

BLENers are passionate about using technology to solve real-world problems. For over 20 years, we've been helping government agencies and businesses transform their digital experience. We bring fresh perspectives to every project, from modernizing legacy systems to building cloud-native applications to experimenting with technology that’s just around the corner. We value building long and enduring partnerships to solve complex challenges by putting humans at the center of all the experiences. Our team thrives on turning tricky problems into solutions that are practical, accessible and performant.

About this position

DevSecOps Engineers at BLEN play a pivotal role in our modernization program, implementing and maintaining robust Continuous Integration/Continuous Deployment (CI/CD) pipelines while integrating security at every stage of the software development lifecycle. They combine deep technical expertise, security awareness, and a holistic understanding of the software development process to streamline our delivery pipeline, enhance productivity, and ensure the security and reliability of our solutions. Our DevSecOps team collaborates closely with development, operations, and security teams to create a seamless, efficient, and secure software delivery process that meets the high standards required in government contracting environments.

What we would like from you

• As a DevSecOps Engineer at BLEN, you will be at the forefront of implementing and supporting our CI/CD pipeline, ensuring the integration of security practices throughout the software development lifecycle. Your responsibilities will include:
• Support DevSecOps efforts to ensure delivery of a demand model leveraging continuous everything to reduce defects while increasing productivity and time-to-market.
• Assist with the establishment of CI/CD pipeline guidelines, standards, and strategies.
• Communicate with development teams to ensure adherence to CI/CD guidelines and standard DevSecOps processes.
• Support the technical planning, configuration, integration, verification, and validation of the pipeline toolchain.
• Implement automated methods to improve system performance and reliability, including scripting, integration, and problem resolution related to the CI/CD pipeline toolchain.
• Quickly learn business workflows, technical architecture, and dependent systems of the supported services.
• Collaborate with cross-functional teams to integrate various DevSecOps practices as part of a CI/CD implementation.
• Troubleshoot issues within the pipeline and provide solutions.
• Stay updated with the latest DevSecOps trends, tools, and best practices.
• Contribute to the continuous improvement of our DevSecOps processes and tooling.
• Support the implementation of security measures throughout the CI/CD pipeline.
• Assist in the creation and maintenance of documentation for DevSecOps processes and tools.

Your main goal will be to ensure our software delivery process is efficient, secure, and aligned with our modernization program's objectives through the effective implementation and support of DevSecOps practices and CI/CD pipelines.

Basic qualifications

• Essential Requirements
• 5+ years of experience in software development or related fields.
• At least two years of hands-on experience supporting DevOps/DevSecOps to reengineer and automate the software development process.
• Experience in the technical aspects of DevSecOps techniques, continuous integration, continuous testing, and continuous deployment.
• Proficiency with distributed source control (Git).
• Experience with dependency management tools.
• Familiarity with leading CI/CD tools such as Jenkins or TFS.
• Understanding of Pipeline as Code scripting technologies.
• Experience with industry-standard Static Code Analysis (SCA) tools such as SonarQube, Nexus IQ Server, or Fortify.
• Hands-on experience integrating SCA tools into CI/CD pipeline.
• Familiarity with open-source tools for test automation such as Selenium.

• Preferred Skills and Experience
• Experience working in a large software development program using Agile (preferably SAFe) development methodology.
• Experience implementing DevSecOps for a Cloud-based system on a modernization program.
• Knowledge of Cloud Service Platforms such as AWS or Azure.
• Experience with container orchestration using tools such as Docker-compose.
• Familiarity with Container Management Platforms such as OpenShift.
• Experience with Infrastructure as Code tools such as Ansible, Chef, or Puppet.
• Knowledge of Continuous Monitoring tools such as ELK Stack (Elasticsearch, Logstash/Fluentd, Kibana).
• Relevant certifications in DevOps, cloud platforms, or security.

Requirement

• Must be a US Citizen or legal resident and able to work domestically.
• Must be able to attain low-level security clearance.

Perks

• Work from anywhere.
• Competitive pay.
• A contribution to your health benefit.
• The chance to work on high-visibility projects and make a significant impact.

Get to know us

• We are a small, creative and highly technical team.
• Our heroes are the scrappy folks that dare to dream and do great things. We love people that care more about doing the right thing than taking a shortcut.
• We believe in finishing projects and floor our clients by how much we cared about their project.
• We believe in integrity and because we're small, we are very selective of our partners and clients.
• We do not use phrases like 'human resource' because you are NOT a resource. You are a team member and we will treat you like one.

What you should expect from us

• We will treat you fairly.
• We give you space to grow both personally and professionally.
• We will hear your ideas even when we disagree -- especially when we disagree.
• We will be equitable with our success and be honest with our challenges.
• We will always tell you the truth. Even when the truth is difficult.

The salary range represents the compensation we expect to offer candidates who can perform the core responsibilities with minimal additional training. Actual compensation may vary based on factors such as skill set, level of experience, and scope of responsibility. Our recruitment team is available to discuss your specific salary requirements and to provide more information about how we determine compensation. We are committed to fair and transparent pay practices and encourage open dialogue about our compensation structure throughout the application process. We look forward to learning more about your qualifications and how they align with our framework.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35 (c).