Job Description

Job Title DevSecOps

Description

DevSecOpsAt ICF, we are fearless in finding new ways to solve problems, relentless in making sure it pays off for our clients and committed to making a positive change in the world. Join our community of management consultants, mission-driven technologists, data scientists, innovation researchers, CIO strategists, and public health researchers & evaluators to challenge the status quo. As we continue to expand our services and to support this growth, we are looking for a Management Consultant to join our Public Health Informatics and Technology business (PHIT). We provide technical assistance services to US Civilian Federal Agencies and their partners, such as the Centers for Disease Control and Prevention (CDC), National Center for Health Statistics (NCHS), Substance Abuse and Mental Health Services Administration (SAMHSA), and the Defense Health Agency (DHA). We are looking for a senior-level DevSecOps.We are interested in individuals who can demonstrate a real interest in DevSecOps implementation and be a Subject Matter Expert (SME) for assessment, recommendation, implementation combined with strong skills in project management, business development, analytical thinking, and excellent report writing. The position entails managing and contributing to projects such as Independent Verification and Validation (IV&V), Technology Assessment, Alternatives Analysis, Enterprise and Conceptual Architectures, DevSecOps processes, and other services supporting the CDC Office of the Chief Information Officer (OCIO) and broader Centers, Institutes, and Offices (C/I/Os). The projects and services support the CDC meet the objectives of the agencies Data Modernization Initiative (DMI). You will be working on multiple projects at a time, interacting with all levels of ICF staff and stakeholders.Key responsibilities:Understand the stakeholder needs and convey to developersPassion for increasing quality and driving business value while simultaneously decreasing the effort to get there by identifying manual DevOps processes that can be automatedPossess a bias for action when breaking down complex problems and tackling new technologiesBuild tools to reduce occurrences of errors and improve customer experience by supporting the goal of continuous update and development of code making systems faster and better while ensuring that systems are safe and secure against cybersecurity threatsDevelop an automated security framework for robust development of deployment tools, processes, and infrastructure leveraging various scripting languages and open-source solutionsProvide DevOps strategic objectives and tactical frameworks for CI/CD Agile development projectsSupport project team configuration and testing of CI/CD configurations based on continuous development and delivery best practices and technical implementationsDefine CI/CD work packages and assess the quality of the project teams work productsConduct analysis or assessment of the current internal and external DevOps implementation and recommend automation to improve development and release processes, efficacy, timelines, etc.Guide development teams in designing, building, testing, and automatically deploying new or existing softwareImprove best practices, code guidelines and work with software developers and software engineers to ensure that development follows established processes and works as intendedTest and examine code written by others, identify technical problems, analyze results, and make recommendations or automate processesPlan out projects and be involved in project management decisionsLeverage agile project management methodology to accelerate strategic execution of implementation plans with bi-weekly sprints developed from backlog of action itemsContribute on report-writing and presentationsDesign procedures for system troubleshooting and maintenanceProvide Level 2 technical support and assist with root cause analysisDevelop software/scripts to integrate with internal, back-end systems and to automate visualizationsConsider the organization's entire IT infrastructure when suggesting or making changes and improvements that enhance the client's IT infrastructure security protocols and contribute to predictable deployment of software and infrastructure in the client's cloud infrastructureStrong problem-solving attitude and Collaborative team spirit with an investigative mentality, decision making ability and a capacity for strategic and associative thinkingHighly developed, interpersonal skills and self-motivation coupled with a high level of attention to detail and accuracyAbility to appropriately target information across technical audiences, clients and executive leadersShare knowledge and thought leadership to the rest of the organization, including strategic technical direction as well as professional development opportunities. Senior-level: 4-5 yearsRequired Skills Include:Bachelor's degree in Computer Science, Engineering, related field, or equivalent experienceEight years of progressive experience as a DevSecOps engineer or similar software engineering role working with developers, DevOps and engineering teams in a dynamic environment to promote/implement the DevSecOps program throughout the organizationFive years of experience in data center infrastructure and cloud IaaS environments.Experience coordinating and performing vulnerability assessments using automated and manual tools (Tenable, NMAP, etc)Experienced with C/C++ programming and Bash, Ruby, Python, or other scripting languagesWorking knowledge of SQL and databases (both structured and unstructured)Extensive experience with various DevSecOps automation and configuration management tools, such as, Chef, Puppet, Ansible, Terraform, Git, GitHub, GitLab, Jenkins, TeamCity, TFS, Subversion, and DockerFamiliarity with Information Security Standards such as CIS, NIST, and RFC2196Understanding the security areas of Key Management Systems, Certificate Management, Encryption, Penetration Testing, Vulnerability Scanning, and Security and Monitoring toolsFamiliarity with API, Container, and Cloud SecurityKnowledge of PCI-DSS, HIPPA, SOX, GDPR and CCPA standards and policies and the associated certification and audit processesAuditing and Compliance certifications such as CISA, PCI-ISA and PCIPFamiliarity with Amazon and Azure Policy, Configuration, and Security Management toolsIntimate familiarity with architecting solutions on cloud computing platforms such as Azure or AWS Experience with security automation and machine learningExperience configuring, implementing and leveraging computer security and network diagnostic/monitoring toolsKnowledge of Windows and Linux patch management and related information security functions (authentication, iptables, SSL, Ciphers, etc.)Ability to work with APIs and Plugins to integrate security tools into established CI/CD pipelinesExperience with deploying monitoring and logging tools (e.g. WhatsUp Gold Nagios, PRTG, Splunk, etc.) Experience with containerization orchestration tools such as Kubernetes, Amazon ECS, Azure Container Services and/or OpenShiftThought leader on Continuous Integration & Continuous Delivery (CI/CD) in the software engineering process and can clearly articulate how any given DevSecOps approach facilitates these practices to drive business goalsStrong qualitative and quantitative evaluation and analytical skills (experience in impact assessments preferable)Strong problem-solving skills with an investigative mentality, decision making ability and a capacity for strategic and associative thinkingExceptional writing, editing and proofreading skillsExcellent oral and written EnglishHighly developed, interpersonal skills and self-motivation coupled with a high level of attention to detail and accuracyBusiness development experience, including leading or contributing to proposals.Preferred Skills include:DevSecOps Certified Professional (DSOCP)CISM, CISSP or other Security CertificationsFoundation certifications in AWS and AzureProcessional level certifications in AWS and Azure#P7H6T5Working at ICFWorking at ICF means applying a passion for meaningful work with intellectual rigor to help solve the leading issues of our day. Smart, compassionate, innovative, committed, ICF employees tackle unprecedented challenges to benefit people, businesses, and governments around the globe. We believe in collaboration, mutual respect, open communication, and opportunity for growth.We can only solve the world's toughest challenges by building an inclusive workplace that allows everyone to thrive. We are an equal opportunity employer, committed to hiring regardless of any protected characteristic, such as race, ethnicity, national origin, color, sex, gender identity/expression, sexual orientation, religion, age, disability status, or military/veteran status. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our .COVID-19 Policy: New or prospective U.S. employees must provide proof of complete vaccination on the date of their commencement of employment. If selected for employment, you will provide proof of your full vaccination status, defined as vaccinated two weeks after receiving the requisite number of doses of a COVID-19 vaccine approved or authorized for emergency use by the FDA.Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation please email and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations. Read more about non-discrimination: and .Pay Range - There are multiple factors that are considered in determining final salary for

You have applied correctly

A message has been sent to the employer, you are going to receive the reply soon. Good luck!

You have applied correctly

The request has been sent correctly. However, we have seen that your resume is incomplete. We highly recommend you to fill it to let the employer know you. These are the fields you have empty: