Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and mitigate cyber threats to CBP networks. The CBP SOC is responsible for the overall IT security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed IT security violations.
Leidos has an immediate need for a Junior Development Security Operations (Dev/Sec/Ops) Engineer to support the CBP SOC Program.
The Junior Dev/Sec/Ops Engineer will gather requirements, codify and integrate secure solutions that support business functionality as well as the underlying infrastructure required to run and deploy those solutions.
- Apply secure development/coding to include; but not limited to, cloud technology, internet servers, application whitelisting, virtualized containers, web-enabled database applications, network security, security engineering, data integrity, intrusion detection, firewall management, forensic and legal information security, virtual private networks, public key/infrastructure/digital signatures, encryption, network security architecture and DHS Policy.
- Support SOC capabilities by customizing tools and automating processes for SOC and IR analysts.
EDUCATION & EXPERIENCE:
BS degree Science, Technology, Engineering, Math or related field and 2 to 4 years of prior relevant software engineering or devops experience. Familiarity with software development life cycle models and agile programming methodologies.
Must have at minimum a Secret Level Clearance.
- Should be familiar with Cloud Service (AWS,Azure, etc), continuous delivery systems and enhancing SOC operations through automation.
- Previous experience with performing integrated quality assurance testing for security functionality and resiliency to attacks.
- Experience with secure programming and identify potential flaws in codes to mitigate vulnerabilities.
- Applies coding and testing standards, security testing tools, identify common coding flaws, threat modeling, and conducts code reviews.
- Perform or support penetration testing as required for new or updated applications.
- Participate in network and system design to ensure implementation of appropriate systems security policies, designs and implement systems security and data assurance.
- Knowledge of Source Code Management concepts (code lines, branching, merging, integration, versioning, etc.)
- Problem solving, analytical skills and technical troubleshooting skills
- Ability to work with customers/stakeholders, developers, testers, project managers, support staff
- Should have knowledge of the following: Encryption algorithms, secure communications, network and data communication protocols.
- Familiar with standard concepts, practices, and procedures within a particular field such as NIST, FISMA and Common Criteria regulations and standards.
One or more of the following Certifications:
CEH, CISSP, CSSLP, GPEN, OSCP, AWS Solutions Architect, RHSA, GXPN, GWAPT
- AWS Solutions Architect, DevOps Certs, RHCE