Back to List
Share:
SHARE
Details:
Job Type:
Direct Hire
Remote Status:
Hybrid
Apply Later:
Send this job to your inbox!
Security Development Engineering
Location: Herndon, VA (Hybrid)
Employment Type: Full-time with Benefits
Security Clearance: Not Required
Citizenship: U.S. Citizenship Required
SecDevOps exists to bridge the gap between Security and Engineering. The position serves as the technical points of contact for security related activity that needs engineering or development focus. This position will be a hybrid position, and will require on-site attendance as required (i.e., training, assessment participation, team meetings, etc.).
This role serves as a “hands-on” mid-level security development engineer who will be responsible for interfacing with security engineering, operations, security and build teams. This individual will assist the GRC Control Assurance and SOC Vulnerability Management teams with the initial triage of vulnerabilities to produce actionable items for operations, or as necessary, be point for escalations to product or cloud teams. Additionally, this individual will be supporting the various assessments/audits by participating in interviews, managing operation and engineering escalations in support of assessment / audit activities. This can include, but not limited to, providing assistance and guidance on how the security controls are being addressed through automation, configuration or build as well as gathering evidence for the assessors. As required, this individual will also Shepard vulnerabilities and/or findings through the remediation process.
GENERAL RESPONSIBILITES
- Assist in reviewing vulnerability data from multiple sources (i.e. external/internal penetration testing, internal/external vulnerability scanning, etc.) across multiple technologies and a changing environment, including infrastructure and applications, to determine the risk rating of vulnerabilities to business assets.
- Work closely with our Security Operations and Governance, Risk and Compliance teams to maintain compliance that meets or exceeds required standards.
- Assist in improving and automating existing vulnerability management lifecycle. Including but not limited to data ingestion & normalization, compliance metrics and detections on assets.
- Assist in partnering with tools and technology teams to troubleshoot, develop, select, implement, and automate appropriate security solutions to protect system data from internal and external threats.
- Scale systems sustainably through mechanisms like automation and evolve systems by pushing for changes in reliability, security, and velocity.
- As necessary, review web, operating system and container scans in conjunction with Splunk report for status and remediation of vulnerabilities within various environments.
- Assist in working with the various teams to effectively communicate the risks of identified vulnerabilities and make recommendations to mitigate identified risks.
- Stay current with vulnerability information across all the products in the environments.
- Provide technical support for vulnerability management and continuous monitoring projects.
- Provides analysis and validation post remediation, identify opportunities for improvements and out of the box thinking for optimizations and solving road blocks.
- Assist in ensuring scan results are presented in appropriate dashboards, reports, and forwarded to other data systems as necessary.
- Assist in the initial triage of vulnerabilities to produce actionable items for Vulnerability Management Teams, Operations Teams, and if necessary, escalation of findings.
- Assign and track vulnerability findings to appropriate teams via ticketing systems.
- Participate in various assessment and certification processes via interviews and evidence collection.
- Work with Cloud engineering teams to meet federal, state and local regulations and compliance requirements.
GENERAL QUALIFICATIONS:
- Bachelor’s Degree in Computer Science / MIS / Information Technology, or equivalent experience in Information Security, Information Technology, or related technical discipline
- Experience with best practice identification and response to operating system and web application vulnerabilities, such as patching or otherwise mitigating known security issues.
- Ability to communicate complex security vulnerabilities to various audiences ranging in technical knowledge.
- Experience with various scanning tools including but not limited to Nessus, WebInspect and/or container scanners such as Clair, Trivy, Grype
- Exposure to information security standards such as DISA STIGs or CIS. Previous work with immutable image deployments/architecture.
- Experience leading efforts across multiple groups and security boundaries toward common goals.
- Ability to debug and optimize code and automate routine tasks.
- Systematic problem-solving approach coupled with strong communication skills and a sense of ownership and drive.
- Experience in tracking and creating various metrics, KPIs or OKRs.
- Experience with SDLC and Release processes
- Knowledge with patching and vulnerability remediation processes
- Ability to adapt to a high paced environment and workload
Experience with one or more of the following:
- C, C ++, Java, Python, Go, Perl, Ruby, or shell scripting.
- Experience working in a Cloud Environment – AWS, Azure, GCP
- Experience with JIRA Ticketing System Information Technology
- Experience with Service Now Ticketing System
- Experience working with containers or Kubernetes
- Experience with Unix / Linux/Windows operating system internals and administration (e.g., filesystems, inodes, system calls, hardening) and networking (e.g., TCP / IP, routing, DNS, network topologies, SDN).
- Understanding and practice with security frameworks such as NIST 800-53, NIST 800- 171, SOC 1 or SOC 2, or PCI
- Knowledge of Best Practice and security guides (ex. NIST 800-53 rev 4, NIST 800-53, FedRAMP)
- CompTIA Security+.or equivalent certification
Apply to this Job
First Name *
Last Name *
Email
Phone
Yes
No
Toggle Filters
Job Type
Remote Status
Create a Job Alert
Get notified about new listings!
Submit a Resume
Can't find the job you want?
Submit a general applicationSystem Security Analyst (ConMon)
Featured
Herndon, VA
Direct Hire
System Security Analyst
Location of Services: Herndon, VA 20171 (4 Days Remote)
Employment Type: FTE + Benefits
The client supports the FedRAMP and FISMA authorization(s) of new Cloud Products and 3rd Party Applications in our various cloud environments. This effort requires security testing/assessment support, the knowledge/development of the appropriate security documentation (i.e., System Security Plan (SSP), plans and procedures), and ongoing continuous monitoring activities. This position is hybrid position working in-office one day a week.
This role serves as
System Security Analyst
Featured
Herndon, VA
Direct Hire
System Security Analyst (FedRAMP)
Location of Services: Herndon, VA 20171 (1 day a week)
Employment Type: FTE + Benefits
Remote: 4 days a week
Client is supporting the FedRAMP and FISMA authorization(s) of new Cloud Products and 3rd Party Applications into various cloud environments. This effort requires security assessment support, the knowledge/development of the appropriate security documentation (i.e., System Security Plan (SSP), plans and procedures), and ongoing continuous monitoring activities. This position is majority remote (post-pandemic).
This role serves
Security Development Engineer
Featured
Herndon, VA
Direct HireHybrid
Security Development Engineering
Location: Herndon, VA (Hybrid)
Employment Type: Full-time with Benefits
Security Clearance: Not Required
Citizenship: U.S. Citizenship Required
SecDevOps exists to bridge the gap between Security and Engineering. The position serves as the technical points of contact for security related activity that needs engineering or development focus. This position will be a hybrid position, and will require on-site attendance as required (i.e., training, assessment participation, team meetings, etc.).
This role serves as a “hands-on” mid
Network Systems Engineer
Featured
Washington, DC
Direct Hire
Network Systems Engineer
Locations: Washington, DC 20376 (WNY)
Clearance Requirement: Secret
Employment Type: Full-time with benefits
Salary: $80,000 -$100,000
A leading provider of Smart Base / Smart Facilities solutions to Government and Military customers in the U.S. and international markets is seeking an experienced Network Systems Engineer.
POSITION REQUIREMENTS:
Provide proactive network management support for a medium to large-scale hybrid cloud network environment that integrates diverse and disparate electronic data, sensors and related systems and provides analytics
Solutions Architect/Application Developer
Featured
Washington, DC
Direct Hire
Solutions Architect/Application Developer
Location: Teleworking 95%
Clearance Requirement: None
Employment Type: Full-time with benefits
A Sr. technical expert on software engineering with modern and cloud technologies is needed to pave the way to better healthcare to providers. This will serve as Sr. technical lead and primary architect for the development and maintenance of various scales of information systems. Advise and lead Sr. and associate developers in system design, technology adaption, and security implementation. Work with directors and Sr. management
Sr Security Development Engineering
Featured
Herndon, VA
Direct HireHybrid
Senior Security Development Engineering
Location: Herndon, VA (Hybrid)
Employment Type: Full-time with Benefits
Security Clearance: Not Required
Citizenship: U.S. Citizenship Required
SecDevOps exists to bridge the gap between Security and Engineering. The position serves as the technical points of contact for security related activity that needs engineering or development focus. This position will be a hybrid position, and will require on-site attendance as required (i.e., training, assessment participation, team meetings, etc.).
This role serves as a “hands-on
Solutions Architect | TS/SCI Poly
3/4/2025
Ft Meade, MD
Direct Hire
Solutions Architect
Location: Fort Mead/Annapolis Junction Clearance Required: Active TS/SCI with Full Scope Poly General Scope Description :
Assist the customer in architecting and building big data and analytics applications
Assist the customer in scripting, building, and testing large scale storage related applications
Assist the customer in evaluating, planning, and migrating applications to AWS Cloud
AWS skills needed:
Conversant in all 4 AWS core technologies
Compute
Storage
Network including creating & troubleshooting private & public subnets
Database
Experience with simple CloudFormation
Sr. Application Developer | TS/SCI CI Poly
3/4/2025
Frederick, MD
Direct Hire
Sr. Application Developer
Location- Ft Detrick, MD
Brief Description:
Seeking a Sr. Application Developer to build intuitive user interfaces for several enterprise systems related to world health events. This is an opportunity to have a major impact in supporting the Defense community with necessary medical intelligence. We embrace Agile values and use continuous integration inside of a robust DevOps environment. The successful candidate will be expected to think creatively, and use judgment to prioritize multiple efforts to meet evolving world
Data Engineer / Analytics | TS/SCI
10/3/2023
Springfield, VA
Direct Hire
Location: Springfield, VA 22150
Clearance: TS (SCI eligible)
Employment Type: Fulltime, Direct Hire w/ benefits
The customer is an Intelligence Agency (IA) delivering world-class geospatial intelligence providing a decisive advantage to policymakers, war-fighters, intelligence professionals and first responders. The customer enables all of these critical actions and shapes decisions impacting our world through the indispensable discipline of geospatial intelligence (GEOINT). Our customer is a unique combination of intelligence and combat support agency. It is the world leader in
Cyber Security Systems Engineer
10/3/2023
Herndon, VA
Direct Hire
Cyber Security Systems Engineer
Location of Services: Herndon, VA 20171 (near Dulles Airport)
Employment Type: FTE + Benefits
Roles and Responsibilities:
The Cyber Security Engineer configures, maintains, administers and deploys a wide range of cyber security technologies such as Intrusion Prevention Systems, Intrusion Detection Systems, vulnerability scanners, network mapping tools and the related servers, databases and circuits. Provide technical leadership in the architecture, design, deployment, management, configuration and use of Cyber Security Technology in response to malicious activity directed toward enterprise
Loading Jobs...
