BIG IMPACT TECH (BIT) is seeking a DevSecOps Engineer to support the Combat Capabilities Development Command (DEVCOM) Aviation & Missile Center (AvMC) Software, Simulation, Systems Engineering & Integration Directorate (S3I). The candidate will participate in planning, development, implementation, and documentation of technical security solutions for software and information systems throughout the product development lifecycle.
Clearance : Secret - Must possess or have the ability to obtain clearance.
JOB DUTIES:
· Conduct technical evaluation of software requirements
· Work with functional teams to implement, maintain, and monitor technical security controls, to include: STIGs, SRGs, and/or other industry security hardening guidance.
· Review proposed code, configuration, and system design changes for security impact and determine approval or denial of change requests.
· Validate technical security controls are in place for operating systems, applications, and network appliances, and recommend enhancements
· Analyze, track, and document disposition of static code analysis scan results
· Perform and analyze results of Assured Compliance Assessment Solution (ACAS) scans to identify weaknesses and develop operational plans to remediate or mitigate weaknesses as they are discovered.
· Assist in updating system artifacts to support RMF; i.e., system diagrams (logical and physical) Hardware/Software/Firmware Inventory, Interface & Ports, Protocols and Services listing, etc.
· Maintain a working knowledge of information system (IS) functions, security policies, technical security safeguards, and operational security measures
· Maintain current knowledge of relevant technology and security threats
Education Requirements:
· Bachelor’s and eight (8) years of experience; Six (6) additional years' can be accepted in lieu of degree (per contract vehicle).
Certification Requirements:
· Security+ CE or higher DoD 8570 Certification
Clearance Requirements:
· Must possess a Secret security clearance with the ability to maintain; US Citizenship required.
Required Skills:
· Strong verbal and written communication skills
· Ability to adapt to a dynamic customer-oriented environment
· Working knowledge of DISA STIG/SRG and STIG tools
· Experience with static code analysis/dynamic analysis (Tools: Parasoft, Coverity, Fortify)
· Experience with C/C++/Java/YAML
· Intermediate knowledge of Linux