DevSecOps Engineer

Title: DevSecOps Engineer

Location: Austin, TX

Duration: Long Term

You can ApplyHere or click on the link to the Arytic AI Hiring Platform

Job Description

The Worker will perform highly advanced DevOps related work as part of a cross-functional team under the direction and guidance of the Shared Application Services manager. The Worker must have strong hands-on professional software development and/or IT operations experience building, testing, and deploying secure production applications and systems using continuous integration and continuous delivery/deployment (CI/CD) pipelines in a large-scale enterprise environment. The worker will be responsible for designing, building, and maintaining our CI/CD pipelines, monitoring applications and infrastructure for performance issues, and conducting regular assessments to ensure systems are performing optimally. The worker will also provide training on DevOps practices and stay updated on latest technologies. They should have expertise in a variety of DevOps tools, knowledge of DevOps automation, and strong experience with Linux administration, containerization technologies, and microservices architecture. The worker is expected to proactively address potential security risks and performance issues to ensure the security, stability, and efficiency of our CI/CD pipelines.

CPA will require the Worker to work on the following initiatives and will perform advanced tasks such as:

• CI/CD Modernization and automation of the entire pipeline from code check-in to deployment utilizing industry best practices such as Infrastructure as Code (IaC), Configuration as Code (GitOps), and Blue-Green and Canary Deployment Strategies.
• Implement "Shift Left" security approach by integrating security tools and automating security checks and compliance into the CI/CD pipeline.
• Monitoring and Observability to provide comprehensive monitoring, logging, and alerting for the CI/CD pipeline.
• Participating in all phases of SDLC.
• Performing extensive code reviews and analysis.
• Writing reports on code analysis to determine if industry standards and secure coding best practices are being followed; provide analysis to address found short comings.
• Providing guidance and knowledge sharing to existing development staff.

Required skills:

• 7 years of Professional experience in DevOps engineering, Software Development, or related field
• 6 years of experience with programming languages such as Java and .NET
• 5 years of experience with scripting languages such as Bash, Python, and PowerShell to automate repetitive tasks such as monitoring, deployments, and configuration management
• 5 years of experience with setting up and managing Jenkins servers, creating and maintaining CI/CD pipelines, integrating with other tools (e.g., Git, Maven, SonarQube), writing Groovy scripts for pipeline automation, and monitoring and optimizing Jenkins performance.
• 5 years of experience with Infrastructure as Code tools like Ansible, Terraform, or Chef
• 5 years of experience with containerization and orchestration tools such as Docker and Kubernetes
• 5 years of experience with automation of infrastructure provisioning and configuration management
• 5 years of experience with Maven in building and managing Java projects, maintaining POM files, troubleshooting build issues, dependency management and versioning, and integrating with CI/CD pipelines
• 5 years of experience with Artifactory set up, configuration, managing binary repositories, integrating with build tools (e.g., Maven and Jenkins), managing artifact lifecycle and versioning, and implementing security and access controls.
• 5 years of experience with microservices architecture, design, development and containerization and orchestration
• 5 years of experience with SQL and NoSQL databases
• 5 years of designing, developing, testing, integrating, and implementing secure REST APIs
• 5 years of experience with code reviews and in-depth code analysis
• 5 years of experience with highly complex application security requirements
• 5 years of experience with Git, Bitbucket, Subversion and version control systems
• 4 years of experience with SonarQube set up, configuration, integrating with CI/CD pipelines, and analyzing code quality and security vulnerabilities
• 4 years of experience with Jira and Confluence
• 4 years of experience with Agile teams
• 3 years of experience with coaching, training, mentoring and knowledge transfer

Preferred skills:

• 4 years of experience in Cybersecurity and implementing and automating security best practices into CI/CD pipelines
• 4 years of experience with security testing tools such as SAST, DAST, or IAST
• 3 years of experience with cloud technologies and platforms such as AWS and Azure
• 3 years of experience working with legacy applications/services
• 3 years of experience in modern web technologies such as JavaScript, Node.js, React.js, Redux, HTML5, CSS3
• 3 years of Public sector experience (Federal, State or Local Government)
• 2 years of Proficient with the Microsoft Office products, including Outlook, TEAMS, Microsoft Project, Word, Visio, Excel and PowerPoint

OTHER SPECIAL REQUIREMENTS

Must be able to:

• develop and maintain CI/CD pipelines and automate building, testing, and deployment of software applications.
• collaborate effectively with software engineers, operations staff, security teams, testers, and various stakeholders to identify and implement "shift left" security measures and best practices in the CI/CD pipelines.
• design, test, and implement secure software development practices and standards in the CI/CD pipelines.
• continuously monitor applications and infrastructure for security vulnerabilities and performance issues and coordinate remediation efforts.
• troubleshoot and resolve issues in the CI/CD pipelines to minimize downtime and limit impact to developers and stakeholders
• participate in incident response and troubleshooting sessions.
• In coordination and alignment with Information Security Office, document and communicate security procedures and policies.
• stay abreast of new technologies, industry standards and best practices, and integrate them into the pipeline architecture and design where applicable.
• be productive working independently or in a team environment (both local and remote) with minimal supervision.

Must possess:

• knowledge of DevSecOps methodologies, concepts, and practices
• knowledge of DevOps Automation
• comprehensive technical expertise in a variety of DevOps tools, including Ansible, Jenkins, Maven, Artifactory, SonarQube, Xray, Checkmarx, Jira, Bitbucket, Subversion, Git/Version Control Software, or comparable technologies.
• familiarity with information security frameworks and standards such as NIST and OWASP Top 10.
• strong understanding of Linux administration and scripting languages (e.g., PowerShell, Bash, Python)
• experience with microservices architecture and cloud-native development.
• experience with containerization and orchestration technologies like Docker and Kubernetes.
• strong written, verbal, and interpersonal communication skills.
• strong problem-solving skills and ability to multi-task with readiness to put in extra effort when necessary the willingness to learn

Note: To Access Esolvit jobs and open roles you can visit our website www.Esolvit.com or visit our AI Hiring Platform Arytic Inc. www.Arytic.com .There you can create User ID and complete the signup process to explore more jobs or positions.