Devops Engineer with c2c software jobs Arlington VA

Contract

Devsecops engineer

Position: Devsecops engineer

Location: Arlington VA

Duration: 12 Months

 

What You’ll Do:

– Collaborate with a team of engineers to implement specific security policies in the CI/CD security tools including but not limited to SAST, DAST and SCA applications.

– Work with Development, DevOps and Security teams to identify and develop automated security and compliance capabilities in support of DevOps processes.

– Define the security rules that needs to be adhered to at a code level in web and mobile applications written in Java, React, Objective C, SWIFT, Kotlin etc.

– With your development background and security knowledge, provide security guidance to developers in the form secure coding standards and guidelines.

– Support security standards, create templates and patterns to increase the efficiency and adoption of security program.

 

These skills will help you succeed in this role:

– Bachelor’s degree with minimum 8 years of work experience in the IT field

– 3+ years software development experience using Java, JavaScript

– 3+ years of experience in the following:

– OWASP Secure Coding Practices

– Common software and web application security vulnerabilities

– Application security scanning tools

– Continuous Integration/Continuous Deployment (CI/CD) processes and concepts using relevant technologies and tools (e.g., Jenkins)

– Experience in Python scripting

 

Even Better If You Have

– A degree in Cybersecurity or CISSP/CSSLP certification or keen desire to move to security field

– Business acumen to support the implementation of SAST or DAST or IAST across the enterprise

– Ability to perform code reviews with minimal assistance

– A self-starter, with a strong desire for learning new technologies and applying them to solve problems

– Experience with two or more of the application build environments like Jenkins, Gradle, Maven.

– Familiarity with public cloud services a plus

– Experience with two or more of the Secure SDLC tools like Burp Suite, Fortify, Checkmarx, AppSec SE, Veracode, WhiteSource, Sonatype

– Experience with Threat Analysis.

– Experience with DevSecOps, Secure SDLC.

– DevOps container/orchestration tools (Kubernetes, Docker, Puppet, etc) is a plus

– Experience with evaluation, integration and onboard of security tools such as RASP, WAF, vulnerability scanner results, container analyzers, open source scanning etc is a plus

 

Spruce Technology, Inc. is a mid-size, award-winning (Inc 5000, SmartCEO, Entrepreneur of the Year) technology services firm with a steadily growing portfolio of commercial and government clients. Spruce provides innovative technology solutions, specialized IT staff, and IT strategy consulting nationwide. Spruce maintains partnerships with major technology vendors and continually develops leading-edge offerings in service areas such as digital experience, data services, application development, infrastructure, cyber security, and IT staffing.

 

Spruce Technology, Inc. is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. Consistent with the Americans with Disabilities Act, it is the policy of Spruce Technology, Inc. to provide reasonable accommodation when requested by a qualified applicant or employee with a disability, unless such accommodation would cause an undue hardship. The policy regarding requests for reasonable accommodation applies to all aspects of employment, including the application process.

 

All full-time employees are eligible for the following benefits:

Medical, dental, vision health benefits

Life Insurance and AD&D (paid by company)

401k, Flexible and Dependent Care Spending Account plans.

Paid-time Off or Paid Sick Leave (amount dependent on position level and if required by state)

 

 

 

To apply for this job email your details to rkanchi@sprucetech.com