Scope of Responsibilities
- Secure, operate, and continuously deploy to FedRAMP and IL5 environments.
- Document security processes, vulnerabilities, remediation actions, and compliance measures.
- Partner with engineers to interpret security requirements and plan effective control implementations.
- Integrate security tools into the CI/CD pipeline, run security scans, and remediate vulnerabilities.
- Translate and synthesize complex concepts and architectures into a clear body of evidence artifacts, including System Security Plans (SSP) and architecture diagrams.
- Build and support a CI/CD infrastructure utilizing GitLab, Jenkins, Helm, and Kubernetes.
- Serve as a security Subject Matter Expert (SME) and govern architectures to ensure they remain within the scope of an ATO.
Qualifications
- U.S. Citizenship is required
- Bachelor's degree in Computer Science, Mathematics or equivalent experience
- Linux/Unix experience, including command line and shell scripting
- Hands-on operational AWS/GCP/Azure experience
- Experience with cybersecurity frameworks (FedRAMP, FISMA, DoD SRG, NIST 800-171)
- Experience building and maintaining CI/CD pipelines with Jenkins, GitLab CI, or related technologies
- Experience with Systems Monitoring/Alerting (Splunk, PagerDuty, Prometheus, Alertmanager, Grafana)
- Experience with infrastructure as code
- Current possession of a U.S. security clearance, or the ability to obtain one with our sponsorship
- Experience maintaining compliance within an accredited environment, ensuring all systems and processes operate according to the parameters of the granted ATO.
- Programming experience with any of the following languages: Golang, Java, Python, Groovy, Bash, or Ruby
- Experience with container-based architectures (Docker, Kubernetes, Helm)
- Experience deploying and supporting a microservices architecture
- Experience in or exposure to the nuances of a startup or other entrepreneurial environment
- Familiarity with test automation, including security testing and performance testing
