V

DevSecOps Security Engineer

varmoda tech • Washington Dc-baltimore Area
Remote
This Job is No Longer Active This position is no longer accepting applications

Job Description

Job Title: DevSecOps Security Engineer

Location: 100% Remote


Job Description:

The DevSecOps Security Engineer will support dynamic and static analysis (DAST and SAST) of code for multiple applications using Fortify and work across technical teams to support the remediation of findings. The DevSecOps Security Engineer will support a large team of infrastructure, security and application team during migration of on-prem and cloud applications to the client Azure Government enclave. The security engineer will configure, operate and maintain Security Code Scanning tools (Fortify). The engineer will provide support for security assessment and authorization/ ATO process, security audits.

Required Skills:

• 5+ years’ experience supporting secure DevSecOps practices using FORTIFY

• 5+ years’ experience running Dynamic and Static Application Security Testing (SAST)

• 5+ years’ experience working with of source version control, build/release tools and methodologies

• 5+ years’ experience with CI/CD pipelines

• 5+ years’ experience with the software build process

• 5+ years’ experience supporting backups and disaster recovery

• 5+ years’ experience maintaining access control and the integrity of data throughout the platform

• 5+ years’ experience designing, developing, evaluating and modifying systems and systems-oriented products.

• 5+ years’ experience configuring, deploying and maintaining and optimizing security code scanning tools (Fortify)

• Work with the development and infrastructure teams to remediate findings

• Perform Cyber Supply Chain Risk Management (C-SCRM) activities to include configuring, deploying and maintaining SCRM tool (Mend) and analyze reports.

• Support Security Assessment and Authorization / ATO process

• Bachelor’s Degree and a minimum 5 years’ experience. Additional years of experience maybe accepted in lieu of the degree.

• Ability to acquire a Public Trust Background investigation

• U.S. Citizen

 

Preferred Skills :

 

• Certified in industry recognized areas such as CISSP, CISA, or CISM

• Familiarity with NIST 800-53, FISMA, FedRAMP

• Excellent organization, collaboration, project management, and team leadership skills

• Strong communication skills and experience creating and delivering compliance status and metrics briefings to senior leadership

• 2+ years’ experience executing security compliance in multi-cloud or DevSecOps environments

• 2+ years’ experience coordinating across security, IT operations, audit, and development groups to achieve security outcomes.

 

Security certification in one or more cloud environments (Azure, AWS, Google..

Similar Jobs

Explore other opportunities that match your interests

Junior SOC Security Engineer

Cyber Security
•
4h ago
Visa Sponsorship Relocation Remote
Job Type Full-time
Experience Level Not Applicable

RTB House

Poland
Visa Sponsorship Relocation Remote
Job Type Full-time
Experience Level Mid-Senior level

hexon

India

Senior Application Security Engineer

Cyber Security
•
4h ago

Premium Job

Sign up is free! Login or Sign up to view full details.

•••••• •••••• ••••••
Job Type ••••••
Experience Level ••••••

canary technologies

United State

Subscribe our newsletter

New Things Will Always Update Regularly