Description

The Multi Domain Solutions Division at Leidos is looking for a DevSecOps Engineer to support a fast-paced program with the Air Force Life Cycle Management Center. The DevSecOps Engineer will enhance the integration of security practices into our DevOps processes for a large Air Force weapons system program. This role is vital for ensuring that security is a fundamental aspect of the software development lifecycle. The ideal candidate will have experience in DevSecOps practices and a strong desire to improve security measures within our applications. This position offers a valuable opportunity to further develop your career in DevSecOps within an Air Force program, contributing to the secure and efficient development of software in a challenging and innovative environment.

• Support the integration of security practices into the DevOps pipeline for DoD applications, ensuring compliance with relevant standards.
• Implement and automate security tools and processes within CI/CD workflows to enhance the security posture of applications.
• Conduct vulnerability assessments, penetration testing, and threat modeling to identify and remediate security issues.
• Collaborate with development and operations teams to establish secure coding practices and implement security controls.
• Configure and manage security tools, including static code analysis, dynamic application security testing, and infrastructure as code (IaC) security.
• Participate in incident response activities, monitoring security alerts and incidents, and coordinating with cross-functional teams.
• Mentor junior team members and provide guidance on DevSecOps best practices and tools.

• US Citizen with at least a Top Secret clearance
• 4+ Years of Experience and a Bachelor's degree in Computer Science or similar field. Additional Experience may be considered in lieu of degree.
• Three to five years of experience performing or supporting software development activities in a professional capacity.
• Strong understanding of software development paradigms and supporting technologies (e.g. change management & version control, CI/CD, Agile planning tools such as Jira or Gitlab)
• Strong experience with Linux and Windows operating systems, network administration, and networking protocols/functions (e.g., HTTP, HTTPS, SSL/TLS, SMTP, DNS)
• Experience provisioning and managing resources within IaaS/Cloud infrastructures (e.g., Azure, AWS, Google Cloud Platform, etc.)
• Experience with container technologies such as Docker and container orchestration tools like Kubernetes
• Experience with automated provisioning and configuration tools like Terraform, CloudFormation, Chef, Puppet, Ansible or similar technologies
• Excellent problem solving and analysis skills, including the ability to logically create structure and order from unstructured inputs.
• Self-starter that is able to work independently while possessing the communication skills to work effectively with software development teams and customers.
• Excellent interpersonal, verbal and written communication skills.
• Ability to obtain U.S. DoD Secret security clearance.

• Experience with Air Force Life Cycle Management Center programs.
• DoD 8570 IAM Level II certification or higher (e.g. CASP, CISM, CISSP) or DoD 8140 Advanced certifications
• Intermediate or better cloud certifications such as Microsoft Certified: Azure Solutions Architect Expert or similar certification from another cloud provider.
• Experience with security tools and practices related to DevSecOps (e.g., SAST, DAST, IAST).
• Experience with compliance standards (e.g., OWASP, NIST) and DoD regulations.
• Understanding of Infrastructure as Code (IaC) and security automation.
• Three to five years of experience performing DevSecOps activities in a professional capacity.
• Interest in continuous learning and professional development in cybersecurity and DevOps practices.