Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and mitigate cyber threats to CBP networks. The CBP SOC is responsible for the overall IT security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed IT security violations. Leidos has an immediate need for the DevSecOps Engineer Lead to support the CBP SOC Program. Duties and Responsibilities will include: Analyze
user needs and software requirements to determine feasibility of design
within time and cost constraints.
coding and testing standards, security testing tools (including 'fuzzing'
static-analysis code scanning tools), threat modeling, and conducts code
trial runs of programs and software applications to ensure the desired
information is produced and instructions are correct.
factors such as reporting formats required, cost constraints, and need for
security restrictions to determine hardware configuration.
security issues around steady state operation and management of software.
security measures that must be taken when a product reaches end of life.
integrated quality assurance testing for security functionality and
secure programming and identify potential flaws in codes to mitigate
vulnerabilities. Apply comprehensive knowledge of
Information Security issues to include; but not limited to, cloud technology,
internet servers, web-enabled database applications, network security, security
engineering, data integrity, intrusion detection, firewall management, forensic
and legal information security, virtual private networks, public
key/infrastructure/digital signatures, encryption, network security
architecture and DHS Policy. Recognize
security implications in the software acceptance phase, including
completion criteria, risk acceptance and documentation, common criteria,
and methods of independent testing. Perform
penetration testing as required for new or updated
interact with API driven security technologies to automate security tasks
(e.g., VirusTotal, Splunk ES, Tanium, etc.) aimed at removing human errors and
EDUCATION & EXPERIENCE: BS degree and 12 - 15 years of prior relevant experience or Masters with 10 - 13 years of prior relevant experience. Must have an active Secret Level Clearance. A minimum of 5 years of experience in Cyber Security.2+ years of hands on experience in implementing/maintaining security in a CI/CD pipeline.Experience in the design and automation of security tools and processes.One of the following certifications:CCSP, CCSK, CSSLP, CISSP, CEH or similar