Job Description
About the position CGI Federal has an exciting opportunity for a DevSecOps Environment Engineer within our Intel sector advancing the national security mission through cutting edge technology. You must have a passion for keeping pace with rapidly evolving technology advancements and leveraging your knowledge on a highly collaborative team to deliver state-of-the-art capabilities. The DevSecOps Environment Engineer is a professional who integrates security practices into the software development lifecycle, ensuring applications and infrastructure are developed and deployed securely.
This role involves automating security processes, conducting assessments, and collaborating with development and operations teams to build robust and secure systems. CGI Federal is growing its high-performance team whose members share a passion for building high-quality, scalable, advanced IT solutions in a collaborative, fast-paced, outcome-driven mission. This position is located in our Arlington, VA office; however, a hybrid working model is acceptable. Responsibilities • Integrating Security into bolthires/CD Pipelines: Implement and maintain security tools and practices within the continuous integration and continuous delivery (bolthires/CD) pipeline.
• Automating Security Processes: Automate security testing, vulnerability scanning, and other security checks to streamline the development workflow. • Conducting Security Assessments: Perform regular security assessments, vulnerability testing, and penetration testing to identify and mitigate risks. • Collaborating Across Teams: Work closely with development, operations, and security teams to integrate security practices and resolve vulnerabilities. • Staying Updated on Security Threats: Monitor and respond to security incidents, and stay informed about the latest security threats and trends.
• Promoting Security Awareness: Educate and train teams on secure coding practices, security policies, and best practices. • Ensuring Compliance: Implement and enforce processes and tools to ensure compliance with relevant data privacy and protection regulations. • Monitoring and Incident Response: Monitor systems for security breaches and respond to incidents in a timely and effective manner. • Developing Security Tools: Design and develop customized security tools to automate and enhance security practices.
• Cloud Security: Manage and secure cloud-based infrastructure, ensuring it is compliant with industry standards. Requirements • Education and/or
Experience: Bachelor's degree and/or 5 to 8 years of experience • Security Clearance: Active TS/SCI with the ability to obtain and maintain a TS/SCI with bolthires Poly clearance; an active TS/SCI with bolthires Poly highly desired. • Strong Understanding of Security Concepts: Knowledge of security principles, best practices, and common vulnerabilities. • Proficiency in SDLC: Understanding of the software development lifecycle and how to integrate security at each stage.
• Experience with Automation Tools: Familiarity with automation tools like Jenkins, Ansible, Chef, or Puppet. • Knowledge of Cloud Technologies: Experience with cloud platforms like AWS, Azure, or bolthires Cloud. • Programming and Scripting Skills: Proficiency in programming languages like Python, Java, or Go. • Strong Communication and Collaboration Skills: Ability to effectively communicate with technical and non-technical stakeholders. • Problem-Solving and Analytical Skills: Ability to identify and resolve complex security issues.
Benefits • Competitive compensation • Comprehensive insurance options • Matching contributions through the 401(k) plan and the share purchase plan • Paid time off for vacation, holidays, and sick time • Paid parental leave • Learning opportunities and tuition assistance • Wellness and Well-being programs Apply tot his job