Rite-Solutions, Inc., is a growing and innovative CMMI Level III software and systems engineering company, that values the personal and professional experience of the employee as part of the key fabric of building and maintaining an innovative and culture rich experience for the employee and their family. This commitment to our company and our employees has been recognized as we were awarded the Providence Business News "Best Places to Work" Winner in 2021 and the "Great Place to Work" Certification in 2022! Recipient of Hire VETs Medallion Award in 2021 and 2022!
We are seeking a skilled and talented candidate to join the team! Ability to identify and apply knowledge of the latest trends in the DevSecOps industry. Will be responsible for organization-wide software development security and integrity. Supporting the analytical service contract in the deployment of web services and solutions enabling the automation of data discovery and support higher orders of analysis to implement DevSecOps practices. This position is located on-site in Middletown, RI.
Duties and responsibilities:
- Support execution and refinement of the DevSecOps practices withing the organization
- Maintain current knowledge of relevant technology as assigned
- Perform in a DevSecOps engineering role responsible for the design, configuration, testing, and deployment of cloud services in support of the IC Assessment and Authorization process
- Support systems deployment, configuration management, and application within on-premises and cloud environments, classified systems and all DevSecOps tools and API services.
- Automate security processes into CI/CD pipeline
- Conduct research and evaluate new DevSecOps platforms, components, tools, and processes for new projects and ongoing initiatives
- Collect security-related metrics and increase security visibility across the organization
- Plan for migration deployment and management of security tools to cloud infrastructure platforms such as Google Cloud or AWS, through automation using infrastructure-as-code principles
- Work with teams to bring continuous improvement to DevSecOps processes and tools
- Responsible for establishing current and long-term direction aiming at driving to the forefront of change to a DevSecOps culture
- Assist Information Assurance team conducting risk assessments
- Coordinate DevOps security in order to assist IT teams in delivering secure infrastructure solutions with his/her security recommendations and requirements
- Perform and participate in technical vulnerability assessments of systems currently in place in addition to security evaluations
- Create and maintain standards and documentation related to security processes, procedures, and infrastructure
- Participate in implementation or deployment of new tools, processes, and best practices in order to improve knowledge sharing and to raise security level while promoting security awareness
- Communicate with efficiency while delivering security needs and validating that appropriate security measures are in place
Qualifications and Requirements
- 3-5+ years of industry experience
- A Bachelor's degree in one of the following fields:
- Information Technology
- Science or Computer Science
- This position requires US Citizenship and the ability to obtain a DoD Secret Clearance
- Experts should be able to automate security processes into CI/CD pipeline
- Experience as a full-stack developer, with hands-on experience in DevSecOps practices
- Experience with CI/CD tools such as GitLab, Jenkins, Nexus, Artifactory
- Experience with software security, secure coding, or software assurance tools and techniques
- Demonstrated skill with at least one or more configuration management/scripting technologies such as Ansible, Chef, Puppet
- Understand the principles of security testing such as (SAST, DAST, IAST, RASP, etc.)
- Experience with Linux Containers (Docker), Kubernetes, and deployment of containerized applications/microservices architectures
- Experience in Information Security, Networking or Security Risk Management
- Knowledge of Agile & DevOps methodologies
- Experience with Cloud Security (AWS, GCS, Azure)
- Must have strong analytical skills and deep security subject matter expertise across platforms
- Exercise critical thinking in identifying external trends in information security threats and correlating to internal activity
- Experience scripting with Java, Python, etc.
- Experience with ISO 27001-2, NIST 800-171, or other controls standards
- Advanced knowledge of Application Security Architectures and Guidance
Additional Skills and Requirements of Interest (Not Required):
- Certifications: One or more of the following CISSP, CISM, CRISC, GSEC
- Solid knowledge of industry standards (NIST/DISA)
- Experience in automation/infrastructure to enforce cloud infrastructure security
- Experience with tools and technologies used throughout secure SDLC (e.g. Fortify, Checkmarx, Veracode, WhiteSource, Blackduck)
We are looking for talented individuals to join our team of Friends Enjoying Work! Apply if you are interested in becoming one of F.E.W!
As an EOE/AA employer, Rite-Solutions will not discriminate in its employment practices due to an applicant's race, color, religion, sex, sexual orientation, gender identity, national origin, and veteran or disability status.
For more information, or to apply now, you must go to the website below. Please DO NOT email your resume to us as we only accept applications through our website.