Leidos is seeking a skilled Sr DevSecOps Engineer to lead efforts in automating and optimizing cloud integration pipelines for the Passenger Systems Program Directorate (PSPD) within Customs and Border Protection (CBP), supporting DHS’s mission-critical traveler screening systems.
Requirements
- Expertise in AWS cloud infrastructure, specifically with AWS EKS and container orchestration.
- Proficiency in designing and implementing secure CI/CD pipelines using Harness and Rafay.
- Deep understanding of security best practices, including threat modeling, risk assessment, and vulnerability management.
- Experience with automated security tools (Anchore, Twistlock, etc.) and security scanning tools.
- Strong knowledge of container runtime and management principles and best practices for securing Kubernetes environments.
- Familiarity with Infrastructure as Code (IaC) principles and automation tools (e.g., Ansible, Terraform, CloudFormation).
- Proficiency in scripting languages like Python or Bash.
Responsibilities
- Design, implement, and maintain secure CI/CD pipelines utilizing AWS EKS, Rafay, and Harness.
- Architect and implement solutions within the AWS EKS environment, leveraging native AWS services (Lambda, SNS, SQS, etc. ) and third-party tools.
- Conduct proactive threat modeling and risk assessments to identify potential vulnerabilities and define mitigation strategies.
- Implement automated security and vulnerability scanning within the CI/CD pipeline and for containerized applications (Anchore, Twistlock, etc.).
- Drive the remediation of security vulnerabilities, collaborating with development and operations teams to implement effective solutions.
- Manage secrets and sensitive data securely using appropriate tools like AWS Secrets Manager or HashiCorp Vault.
- Enhance security monitoring, logging, and alerting systems to detect and respond to security incidents promptly.
Other
- Proven experience as a Senior DevSecOps Engineer or similar leadership role with a strong focus on security.
- Excellent problem-solving, analytical, and critical thinking skills.
- Strong communication and collaboration skills, with the ability to work effectively across cross-functional teams.
- Relevant certifications such as Certified DevSecOps Professional (CDP) or Certified Information Systems Security Professional (CISSP) (preferred).
- The candidate must be in Ashburn, VA, twice a week.
