Position Description and Job Duties:Collaborate with development, operations, and security teams to integrate security practices into the software development lifecycle.Design, implement, and maintain CI/CD pipelines that incorporate automated security testing, vulnerability scanning, and compliance checks.Develop and maintain infrastructure as code (IaC) templates and configurations, ensuring security best practices are applied to cloud resources and infrastructure components.Perform regular security assessments, code reviews, and penetration testing to identify and address vulnerabilities and weaknesses in applications, code, and infrastructure.Monitor and analyze system and application logs to detect and respond to security incidents.Implement and manage identity and access management (IAM) solutions, ensuring appropriate authentication and authorization mechanisms are in place.Collaborate with software engineers to provide guidance on secure coding practices and assist in remediation of security findings.Participate in incident response activities, helping to investigate and mitigate security incidents in a timely manner.Contribute to the development and maintenance of security policies, procedures, and documentation.Required Skills:Collaborate with development, operations, and security teams to integrate security practices into the software development lifecycle.Design, implement, and maintain CI/CD pipelines that incorporate automated security testing, vulnerability scanning, and compliance checks.Develop and maintain infrastructure as code (IaC) templates and configurations, ensuring security best practices are applied to cloud resources and infrastructure components.Perform regular security assessments, code reviews, and penetration testing to identify and address vulnerabilities and weaknesses in applications, code, and infrastructure.Monitor and analyze system and application logs to detect and respond to security incidents.Implement and manage identity and access management (IAM) solutions, ensuring appropriate authentication and authorization mechanisms are in place.Collaborate with software engineers to provide guidance on secure coding practices and assist in remediation of security findings.Participate in incident response activities, helping to investigate and mitigate security incidents in a timely manner.Contribute to the development and maintenance of security policies, procedures, and documentation.*VEVRAA FEDERAL CONTRACTOR *EEO:MSM provides equal employment opportunities to all employees and applicants in allMSMfacilitieswithout regardto race,color,religiouscreed,sex,nationalorigin,ancestry, citizenship status, pregnancy, disability, age, military or disabled veteran status, marital status, gender or gender identity, medical condition, genetic information, or sexual orientation in accordance with applicable federal, state and local laws.