INFORMATION SECURITY ANALYST 3 (DEVSECOPS) WITH SECURITY CLEARANCE
USFalcon Inc
Colorado Springs CO 80901 US
We have an exciting opportunity to join us in supporting one of our valued customers as anInformation Security Analyst 3 (DevSecOps) to work out of Colorado Springs, CO. *Hybrid Position* PAY: $115,000 - $150,000 JOB SUMMARY: The Information Security Analyst 3 (DevSecOps) will support the Modeling and Simulation (M&S) software developers in the furtherance of FedRAMP Impact Level packages and ATC/ATO matters. The candidate will design, implement, operate, and monitor SecOps solutions using tools such as AWS GuardDuty, CloudTrail, and CloudWatch; Prometheus; Grafana; Jaeger; Elastic/ELK Stack (kubewatch; fluentd; Static Code Analysis tools; third party dependency vulnerability scanners; authentication proxies; firewalls; TLS encryption; role based access control; vulnerability scanners; and patch and configuration management tools while restricting access to sensitive components such as nodes, etcd, Kubelet, Kubernetes Dashboard, and API servers). Critical to this effort, the candidate should be able to identify possible attack vectors, vulnerabilities, and proper configurations to mitigate risk to an acceptable level. Use agile management tools to track and manage projects. The candidate should be able to design elegant solutions, solve complex problems, integrate different components, incorporate test into design, and research solutions for collecting, storing, manipulating, and presenting information while embracing open architectures, software, and common standards. The candidate will support developers in DevSecOps design, implementation, and maintenance operations to include securing Kubernetes hosts, control planes, pods, and workloads. Work with developers to ensure the Continuous Integration/ Continuous Development (CI/CD) pipeline automates security scanning and reporting to ensure secure coding practices are being followed; such as securing container images, passing vulnerability and quality scanners when code is checked into source code repositories, and adhering to role-based access control policies. ESSENTIAL DUTIES: * Work efficiently and effectively from the office, at home, and/or remote locations
* Integrate security principles into the development and deployment of software/hardware solutions
* Ensure continuous monitoring processes are installed and actively controlled
* Participate in root cause analysis investigations
* Establish DevSecOps processes to ensure permissions and configurations are appropriate
* Review and validate newly developed code for security concerns
* Facilitates data and cloud migration
* Collaborate with team members, management, customers, and external technical teams to identify/capture end-user requirements, and ensure timely, high-quality solutions
* Flush out technical details/requirements; ensure code quality and security; design for test; assist in code and functionality/usability reviews; troubleshoot, debug, test, maintain and improve software; assist other team members; design, develop, document, analyze, test, integrate, debug, and analyze software and system requirements to provide scalable and reliable services
* Additional duties may be assigned
REQUIRED QUALIFICATIONS: * Current DoD 8570.01-M IAT Level 2 or 3 certification (e.g., CompTIA Security +, ISC2 CISSP or must obtain within six months of hire)
* Understanding of cloud service technologies and critical DevSecOps principles
* Proficiency in virtual environments
* Strong verbal and written communication skills and ability to interact with others in a professional manner
* Excellent problem solving and troubleshooting skills
PREFFERED QUALIFICATIONS: * Experience supporting DoD Contracts
* Several years’ experience with DevSecOps and/or AWS
* Experience with FedRAMP Impact Level and/or CMMC
Experience with some of the following technologies
* Languages/scripting: Knowledge of Ansible, Terraform and YAML scripts is strongly desired. Knowledge of common coding languages (C, C++, C#, .NET, XML, PHP, Python, Go (Golang), Groovy, JavaScript, TypeScript, HTML, CSS, WebSockets, jQuery, Junit, VUE, MATLAB, YAML, JSON, REST, and JavaScript Framework (Angular, NodeJS, Express, React, Ember, Knockout, Backbone, and/or Vue)) is a plus.
* Cloud Development/Services Platforms: AWS, Cloud Native Computing Foundation design and tools
* Cloud Monitoring Services: Kubernetes Dashboard, Grafana, Prometheus, Jaeger, Elastic/ELK Stack, SIEM, ESS, NIDS, Snort, kubewatch, cAdvisor, fluentd, and Weave Scope
* Agile Management Tools: Atlassian Jira, Microsoft Azure Boards
* Container/Container Management: Kubernetes, Jenkins, OpenShift 4.x, VMWare Tanzu, Rancher, Docker, Podman, Helm, Istio
* Ops/Infrastructure: Elastic/ELK (Elasticsearch, Kibana, Beats, and Logstash), Argo, Maven, Ansible, Puppet, Terraform, Minion, Linting Tools (Ansible Lint, JSON Lint, YAML Lint), HAProxy, CoreDNS, Zookeeper, GitLab Runner
* Repositories: GitLab, S3 Bucket, Argo, Vault
* Build and Test: Gradle, Maven, Npm Registry, JUnit 5, Cypress.io, OWASP, Fortify, Coverity, SonarCube
* Monitoring: Elasticsearch, fluentd, Kibana, Prometheus, Kiali, Grafana, Logstash
* Security: Fortify, Twistlock, Anchore, SonarQube, OpenSCAP, OWASP, Helm, IAM, SAML, OAuth, Trufflehog, Nessus, Container security, Zero Trust
* Database/Data: Designing, accessing, and maintaining data stores, feeds, and processing tools including MySQL, MariaDB, MS SQL Server, PostgreSQL, MangoDB, Nifi, NoSQL
* Messaging: Pub/Sub, Kafka, RabbitMQ, Active MQ, NATS
* API Gateways: AWS API
* Webservers: Apache HTTP, Apache Tomcat, IIS, Nginx, H2O, Caddy, Eclipse Jetty, XAMPP
* Operating Systems: Windows, CentOS, Red Hat or other Linux distributions
EDUCATION/CERTIFICATION: * Bachelor’s degree in related field
REQUIRED CLEARANCE: Clearable (Ability to Obtain Top Secret), Active Top Secret Clearance preferred TRAVEL:10% In compliance with Colorado’s Equal Pay for Equal Work Act, USfalcon considers several factors when extending an offer, including but not limited to, the role and associated responsibilities as well as a candidate’s work experience, knowledge, skills, education, and training. Benefits Offered:medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, EAP, parental leave, pet insurance, paid time off, and holidays. About US:USfalcon has grown from our roots in 1984 to become a mid-tier professional services company supporting a diverse and global customer base of DoD and Federal Agencies. We have been excelling in diverse platforms for almost 30 years and continue to be an industry leader. If you thrive in an organization that values integrity, commitment, stewardship, and service, we want to meet you. We deliver core capabilities in Aviation, Space, Information Technology, and Business Operations and continue to grow and expand our competencies, contracts and customer base, adding to our long history of supporting customer and community needs. Learn more at www.usfalcon.com/history.
* Integrate security principles into the development and deployment of software/hardware solutions
* Ensure continuous monitoring processes are installed and actively controlled
* Participate in root cause analysis investigations
* Establish DevSecOps processes to ensure permissions and configurations are appropriate
* Review and validate newly developed code for security concerns
* Facilitates data and cloud migration
* Collaborate with team members, management, customers, and external technical teams to identify/capture end-user requirements, and ensure timely, high-quality solutions
* Flush out technical details/requirements; ensure code quality and security; design for test; assist in code and functionality/usability reviews; troubleshoot, debug, test, maintain and improve software; assist other team members; design, develop, document, analyze, test, integrate, debug, and analyze software and system requirements to provide scalable and reliable services
* Additional duties may be assigned
REQUIRED QUALIFICATIONS: * Current DoD 8570.01-M IAT Level 2 or 3 certification (e.g., CompTIA Security +, ISC2 CISSP or must obtain within six months of hire)
* Understanding of cloud service technologies and critical DevSecOps principles
* Proficiency in virtual environments
* Strong verbal and written communication skills and ability to interact with others in a professional manner
* Excellent problem solving and troubleshooting skills
PREFFERED QUALIFICATIONS: * Experience supporting DoD Contracts
* Several years’ experience with DevSecOps and/or AWS
* Experience with FedRAMP Impact Level and/or CMMC
Experience with some of the following technologies
* Languages/scripting: Knowledge of Ansible, Terraform and YAML scripts is strongly desired. Knowledge of common coding languages (C, C++, C#, .NET, XML, PHP, Python, Go (Golang), Groovy, JavaScript, TypeScript, HTML, CSS, WebSockets, jQuery, Junit, VUE, MATLAB, YAML, JSON, REST, and JavaScript Framework (Angular, NodeJS, Express, React, Ember, Knockout, Backbone, and/or Vue)) is a plus.
* Cloud Development/Services Platforms: AWS, Cloud Native Computing Foundation design and tools
* Cloud Monitoring Services: Kubernetes Dashboard, Grafana, Prometheus, Jaeger, Elastic/ELK Stack, SIEM, ESS, NIDS, Snort, kubewatch, cAdvisor, fluentd, and Weave Scope
* Agile Management Tools: Atlassian Jira, Microsoft Azure Boards
* Container/Container Management: Kubernetes, Jenkins, OpenShift 4.x, VMWare Tanzu, Rancher, Docker, Podman, Helm, Istio
* Ops/Infrastructure: Elastic/ELK (Elasticsearch, Kibana, Beats, and Logstash), Argo, Maven, Ansible, Puppet, Terraform, Minion, Linting Tools (Ansible Lint, JSON Lint, YAML Lint), HAProxy, CoreDNS, Zookeeper, GitLab Runner
* Repositories: GitLab, S3 Bucket, Argo, Vault
* Build and Test: Gradle, Maven, Npm Registry, JUnit 5, Cypress.io, OWASP, Fortify, Coverity, SonarCube
* Monitoring: Elasticsearch, fluentd, Kibana, Prometheus, Kiali, Grafana, Logstash
* Security: Fortify, Twistlock, Anchore, SonarQube, OpenSCAP, OWASP, Helm, IAM, SAML, OAuth, Trufflehog, Nessus, Container security, Zero Trust
* Database/Data: Designing, accessing, and maintaining data stores, feeds, and processing tools including MySQL, MariaDB, MS SQL Server, PostgreSQL, MangoDB, Nifi, NoSQL
* Messaging: Pub/Sub, Kafka, RabbitMQ, Active MQ, NATS
* API Gateways: AWS API
* Webservers: Apache HTTP, Apache Tomcat, IIS, Nginx, H2O, Caddy, Eclipse Jetty, XAMPP
* Operating Systems: Windows, CentOS, Red Hat or other Linux distributions
EDUCATION/CERTIFICATION: * Bachelor’s degree in related field
REQUIRED CLEARANCE: Clearable (Ability to Obtain Top Secret), Active Top Secret Clearance preferred TRAVEL:10% In compliance with Colorado’s Equal Pay for Equal Work Act, USfalcon considers several factors when extending an offer, including but not limited to, the role and associated responsibilities as well as a candidate’s work experience, knowledge, skills, education, and training. Benefits Offered:medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, EAP, parental leave, pet insurance, paid time off, and holidays. About US:USfalcon has grown from our roots in 1984 to become a mid-tier professional services company supporting a diverse and global customer base of DoD and Federal Agencies. We have been excelling in diverse platforms for almost 30 years and continue to be an industry leader. If you thrive in an organization that values integrity, commitment, stewardship, and service, we want to meet you. We deliver core capabilities in Aviation, Space, Information Technology, and Business Operations and continue to grow and expand our competencies, contracts and customer base, adding to our long history of supporting customer and community needs. Learn more at www.usfalcon.com/history.