Job description

Description ViaTrie LLC (ViaTrie) has an immediate need for a DevSecOps Engineer for a project supporting our client, the U.S. Government Accountability Office (GAO). We are seeking a qualified Azure DevSecOps Engineer responsible for all aspects of DevSecOps with a strong foundation in Infrastructure as Code and Linux deployments, and an ability to collaboratively work with our team. This is a 100% remote position; however, you must be a U.S. citizen (no dual citizenships, Green cards or H1-Bs) based in the U.S. and able to obtain a Federal Government Security Clearance, and be willing and able to work core business hours 8 AM – 5 PM (Eastern) M-F. Occasional weekend or off-hours commitments may be expected for deployment support. Primary Responsibilities The successful candidate will be part of a cross-functional team and will possess strong analytic experience, solid technical skills and excellent communication skills within all DevSecOps activities, including planning and implementation functions across an enterprise-wide on-prem to cloud services program. Our team is creating cloud capabilities across GAO. As a DevSecOps Engineer, we need you to analyze performance characteristics and design estimates and build out environments to satisfy GAO objectives. GAO aims to modernize its IT solutions to realize the benefits of new design approaches, features, and functionalities like modular builds, loose coupling, micro services, containers, cybersecurity resilience, access controls, and disaster recovery. Modern solutions must be future-ready, adaptable, resilient, responsive to changing business needs, and be able to shift away from on premises infrastructure to cloud architecture, which may include hybrid cloud services. You will work with our GAO team to analyze solution options and plan and build activities. We aim for high-touch, transparent, standards-based and compliance solutions for our customers. Our program includes projects that vary from engagement to engagement as we research current environments to propose new technical solutions and architectures. Our solutions include both large- and small-application portfolios with a goal to design with DevSecOps paradigms in mind. Duties And Responsibilities Include • Create, develop, and implement Infrastructure as Code (IaC) solutions and patterns for GAO environments and applications. • Identify the needs for build automation, designing, and implementing CI/CD solutions. • Create plug-and-play/reusable solutions and patterns for CI/CD pipelines. • Create, develop, and implement automation and system integration for various build platforms. • Publish and disseminate CI/CD best practices, patterns, and solutions. • Build or maintain CI/CD building blocks and shared libraries proactively for app and development teams to enable quicker build and deployment. • Design action plans to address CI/CD platform/tools/solutions’ shortcomings and difficulties. • Ensure incident tracking tools are updated in accordance with established norms and processes, gather all essential data and document any discoveries and concerns. • Align with technological Systems/Software Development Life Cycle (SDLC) processes and industry-standard service management principles (SAFe Agile) Requirements Required • 7+ years of related job experience, with a minimum of 5 years in a Federal IT ecosystem • Well versed with Linux OS, UBI “Container Image”, Docker, and shell scripting • Experience in Azure cloud technologies • Experience with Azure Kubernetes platform • Comprehensive technical expertise in a variety of DevSecOps toolkits, for example: Ansible, GitHub Actions, Jira, SonarQube, ZAP, Trivy, Terraform, Git/Version Control Software, Splunk. • Experience with Azure-based container image scanning, addressing vulnerabilities, networking debug tools • Understanding and experience with automated Azure alerting and monitoring, including Kusto Query Language (KQL) queries to debug issues in Analytics logs • Familiarity with information security frameworks and standards.? • Experience with RedHat eco-system including Redhat Linux, Satellite, and UBI8 containers. • Ability to express technical information clearly at different organizational levels. Preferred Qualifications • Good working knowledge of and experience with FISMA and implementing Fed RAMP standards and compliance requirements (NIST). • Experience working with Sonatype Nexus • Experience in AWS DevSecOps tooling like CloudFormation • Experience with cloud migration projects for custom applications. • Experience with Agile release methodology. • Expert working knowledge of the Microsoft Office product suites. • Experience with cloud operations and management best practices for optimized, cost-effective cloud deployments. • Good interpersonal skills including the ability to collaborate effectively, combined with excellent written and oral communication skills in English. • Bachelor’s degree in computer science, information technology or related discipline.

Requirements