Sr. DevSecOps Engineer

What You’ll Do:

As a Senior DevSecOps Engineer, you will manage the cloud security implementation for multiple cloud environments to include AWS, Azure, and classified platforms. You will also be responsible for designing, implementing, and maintaining secure software development practices and tools for Slingshot’s software development lifecycle, then educating/mentoring others in the organization. You’ll also help manage and mitigate infrastructure costs and maintain vendor relationships. 

Position Responsibilities: 

• Executes all position responsibilities in alignment with Slingshot’s core values, mission, and purpose
• Work within Engineering teams to interweave security with the scalability, performance, reliability, and functional requirements to virtualized/cloud computing solutions
• Leverage industry best practices and experience to ensure that security is baked into deliverables from the start and that each product and program fully embrace a DevSecOps and “shift-left on security” mentality
• Develop automated build and test pipeline strategies including aspects of security and compliance to ensure viability of cloud deployment solutions
• Secure and manage cloud-native resource on providers like AWS and Azure through infrastructure-as-code and compliance-as-code
• Administer and support developer and user access to cloud resources
• Leverage observability tools to monitor security metrics for applications virtualized resources
• Participate in Agile software development and deployment processes
• Provide ongoing support for the services and applications that are critical to our business needs
• Communicate methods, findings, and hypotheses with stakeholders
• Perform other duties as assigned (to be less than 10% of the responsibilities listed above)

Pre-Requisites

• Must have an active TS/SCI clearance or be eligible and willing to obtain one

Minimum Requirements

• 6+ years of professional experience in a DevSecOps or similar role
• Experience with container security practices within Kubernetes and Helm
• Experience with security configuration of AWS Cloud Native Technologies
• Deep working knowledge of version control (Git) and CI/CD tools (GitHub Actions)
• Experience with infrastructure as code frameworks including Terraform
• Good understanding of networking, routing, firewalls, VPN, SSL
• Knowledge of programming/scripting languages (Python, Bash, JavaScript) used in DevSecOps life cycles
• Keen attention to detail and industry best practices pertaining to privacy, security, and compliance
• Experience with security compliance audits/certifications such as SOC 2 Type 2, FedRAMP, CMMC 2.0, ISO 27001
• Skill and comfort working in a rapidly moving startup environment with dynamic objectives and iteration with users

Preferred Skills