DevSecOps ENGINEER

at  Quantum Research International Inc

OVERVIEW:

Quantum Research International, Inc. (Quantum) is a certified DoD Contractor providing services and products to US/Allied governments and industry in the following main areas: (1) Cybersecurity, High Performance Computing Systems, Cloud Services and Systems; (2) Space and Ground Support Systems; (3) Aviation Systems; (4) Missile Systems; (5) Artificial Intelligence/ Machine Learning Systems and Experimentation/Training; and (6) Audio Visual Systems and Services. Quantum’s Corporate Office is in Huntsville, AL, but Quantum actively hires for positions nationwide and internationally. We pride ourselves on providing high quality support to the U.S. Government and our Nation’s Warfighters. In addition to our corporate office, we have physical locations in Aberdeen; MD; Colorado Springs, CO; Orlando, FL; Crestview, FL; and Tupelo, MS.

REQUIREMENTS:

• Associate degree with one-year relevant experience or three years relevant experience
• Experience with tools like Azure DevOps, SonarQube, SonaType, Fortify and AWS GovCloud.
• Proficient with Docker, Docker Compose, and orchestration tools i.e. Kubernetes, Docker Swarm.
• Knowledge of scripting languages such as PowerShell.
• Three years’ experience in C# and .NET programming languages.
• Secret security clearance.
• IAT level II baseline certification.
• Computing Environment (CE) certification.

DESIRED SKILLS:

• Experience with using eMASS for managing RMF records.
• Experience with PowerShell or other scripting languages.
• Experience with Amazon Web Services (AWS) architectures and security.
• Top Secret security clearance with SCI eligibility.
• Experience with Tenable Security Center (SC) and NESSUS; scanning and data analysis.
• Experience with Trellix ePO server and end products; deployment, configuration, troubleshooting and data analysis.
• Experience with STIGing tools; SCAP Compliance Checker, STIG Viewer, and Vulnerator.
• Experience with STIGing multiple technologies (i.e. Windows, AD, VMware, RHEL, CISCO, DNS, Palo Alto).
  Equal Opportunity Employer/Affirmative Action Employer M/F/D/V: All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other characteristic protected by law. *Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions

• Manage security measures for containerized services using Docker, Kubernetes, and similar technologies.
• Develop and maintain documentation related to DevSecOps processes and tools.
• Monitor security tools in the development pipeline and adjust as necessary to improve automation and effectiveness.
• Collaborate with developers to enforce standards and to identify and mitigate security risks.
• Integrate security tools into CI/CD pipelines to ensure secure deployment practices and minimize vulnerabilities.
• Secure system configurations and install security tools, scan systems in order to determine compliancy and report results and evaluates products and various aspects of system administration.
• Conduct security program audits and develop solutions to mitigate risks.
• Evaluate, develop, and enhance security assessment capabilities.
• Perform vulnerability assessments including development of risk mitigation strategies.