Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and mitigate cyber threats to CBP networks.
The CBP SOC is responsible for the overall IT security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed IT security violations.
Leidos has an immediate need for the Lead SecDevOps Engineer to support the CBP SOC Program.
Duties and Responsibilities will include:
- Analyze user needs and software requirements to determine feasibility of design within time and cost constraints.
- Applies coding and testing standards, security testing tools (including 'fuzzing' static-analysis code scanning tools), threat modeling, and conducts code reviews.
- Conduct trial runs of programs and software applications to ensure the desired information is produced and instructions are correct.
- Evaluate factors such as reporting formats required, cost constraints, and need for security restrictions to determine hardware configuration.
- Identify common coding flaws.
- Identify security issues around steady state operation and management of software.
- Incorporate security measures that must be taken when a product reaches end of life.
- Perform integrated quality assurance testing for security functionality and resiliency attacks.
- Identify potential flaws in codes to mitigate v ulnerabilities.
- Apply comprehensive knowledge of Information Security issues to include; but not limited to, cloud technology, internet servers, web-enabled database applications, network security, security engineering, data integrity, intrusion detection, firewall management, forensic
and legal information security, virtual private networks, public key/infrastructure/digital signatures, encryption, network security architecture and DHS Policy.
- Recognize security implications in the software acceptance phase, including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing.
- Perform penetration testing as required for new or updated applications.
EDUCATION & EXPERIENCE:
BS degree and 12 - 15 years of prior relevant experience or Masters with 10 - 13 years of prior relevant experience.
Must have an active Secret Level Clearance and be able to pass a DHS BI.
A minimum of 5 years of experience in Cyber Security.2+ years of hands on experience in implementing/maintaining security in a CI/CD pipeline.
Experience in the design and automation of security tools and processes.
One of the following certifications: CCSP, CCSK, CSSLP, CISSP, CEH or similar