DevSecOps Engineer at GVA Partners

About This Opportunity

This position offers a great opportunity for career growth within a dynamic environment.

Key Responsibilities

• Work with Developers, DevOps, and Engineering teams to promote and implement the DevSecOps program throughout the organization
• Coordinate and perform vulnerability assessments using automated and manual tools (Tenable, NMAP, etc.)
• Review and analyze vulnerability data to identify security risks to the organization's network, infrastructure, and applications, and determine false positives
• Prepare security vulnerability and risk management reports for management
• Configure, implement, and leverage computer security and networking diagnostic and monitoring tools
• Work with APIs and Plugins to integrate security tools into established CI/CD pipelines
• Implement secure automation solutions for all environments
• Provide deployment capability to deliver products to point of need, including multiple cloud-based solutions
• Incorporate best practices to increase the quality and velocity of deployments
• Implement security best practices and configuration management
• Increase system performance with a focus on high availability and scalability
• Employ infrastructure as code paradigm to increase automation, scalability, and reliability
• Perform technology watch related to industry trends, best practices, and competitive landscape

Required Qualifications

• Bachelor's degree in Computer Science, Information Technology, or related field
• Minimum 5 years of professional experience
• Experience developing CI/CD solutions, preferably using GitLab
• Hands-on experience with Docker, Kubernetes, HSMs, Terraform, and Ansible
• Scripting experience in Bash and Python
• Ability to work under pressure during production failure incidents
• Strong leadership and teaming skills to coordinate vulnerability remediation within established timeframes
• Familiarity with Information Security frameworks and standards (e.g., CIS, NIST, RFC2196)