DevSecOps Engineer - Full-time

Description Job Description Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and mitigate cyber threats to CBP networks. The CBP SOC is responsible for the overall IT security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed IT security violations. Leidos has an immediate need for a Development Security Operations (DevSecOps) Engineer to support the CBP SOC Program. The DevSecOps Engineer will gather requirements, design, codify, integrate and implement secure solutions that support business functionality as well as the underlying infrastructure required to run and deploy those solutions. Apply secure developmentcoding to include but not limited to, cloud technology, internet servers, application listing, virtualized containers, web-enabled database applications, network security, security engineering, data integrity, intrusion detection, firewall management, forensic and legal information security, virtual private networks, public keyinfrastructuredigital signatures, encryption, network security architecture and DHS Policy. Champion security by injecting security concerns into the existing development workflow build security thinking into every stage of software development. Coordinate with teams across the enterprise on the migration of existing IT services to the cloud identify security technical requirements, potential problems and issues, and participate on agile software development teams. Develop code (e.g., Python, Powershell, Django, Javascript, HTML, CSS, etc.) to interact with Rest APIs and API driven security technologies to automate security tasks (e.g., VirusTotal, Splunk ES, Tanium, etc.) aimed at removing human errors and human inconsistencies. Support SOC capabilities by customizing tools and automating processes for SOC and IR analysts. EDUCATION EXPERIENCE BS degree Science, Technology, Engineering, Math or related field and 8 years of prior relevant software engineering or devops experience. Familiarity with software development life cycle models and agile programming methodologies. Must have at minimum a Secret Level Clearance. The candidate must possess the technical skills and experiences with Cloud Service (AWS,Azure, etc), continuous delivery systems and enhancing SOC operations through automation. The ideal candidate will also have experience leading and mentoring junior members. Previous professional experience with performing integrated quality assurance testing for security functionality and resiliency to attacks. Previous professional experience with secure programming and identify potential flaws in codes to mitigate vulnerabilities. Applies coding and testing standards, security testing tools (including fuzzing' static-analysis code scanning tools), Identify common coding flaws, threat modeling, and conducts code reviews. Perform or support penetration testing as required for new or updated applications. Recognize security implications in the softwarecode acceptance phase, including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing. Participate in network and system design to ensure implementation of appropriate systems security policies, designs and implement systems security and data assurance. Take an approach of plan, code, build, test, release, deploy and monitor when writing software to automate CBP SOC security tasks. Knowledge of Source Code Management concepts (code lines, branching, merging, integration, versioning, etc.) Excellent problem solving, analytical skills and technical troubleshooting skills Ability to work with customersstakeholders, developers, testers, project managers, support staff Experience acquiring in-depth understanding of large complex software systems to isolate defects, reproduce defects, assess risk and understand varied customer deployment Should have advanced working knowledge of the following Encryption algorithms, secure communications, network and data communication protocols. Familiar with standard concepts, practices, and procedures within a particular field such as NIST, FISMA and Common Criteria regulations and standards. Solid Programming skills in the following programming and markup languages Java, .Net, Python, Visual Basic, Powershell, Bash, C++, Javascript, html, css Certifications One or more of the following Certifications CEH, CISSP, CSSLP, GPEN, OSCP, AWS Solutions Architect, RHSA, GXPN, GWAPT Desired Skills AWS Solutions Architect, DevOps Certs, RHCE Orchestration of Cloud infrastructure (Infrastructure as Code) Advance Degree in Computer Science or Computer Engineering DHSCyber External Referral Bonus Eligible Potential for Telework No Clearance Level Required Secret Travel No Scheduled Weekly Hours 40 Shift Day Requisition Category Professional Job Family Software Development Pay Range Leidos is a Fortune 500 Registered information technology, engineering, and science solutions and services leader working to solve the world's toughest challenges in the defense, intelligence, homeland security, civil, and health markets. The company's 38,000 employees support vital missions for government and commercial customers. Headquartered in Reston, Va., Leidos reported annual revenues of approximately 11.09 billion for the fiscal year ended January 3, 2020. For more information, visit www.Leidos.com httpwww.Leidos.com . Pay and benefits are fundamental to any career decision. That's why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available here httpswww.leidos.comcareerspay-benefits . Leidos will never ask you to provide payment-related information at any part of the employment application process. And Leidos will communicate with you only through emails that are sent from a Leidos.com email address. If you receive an email purporting to be from Leidos that asks for payment-related information or any other personal information, please report the email to mailto . All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.