Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and mitigate cyber threats to CBP networks.
The CBP SOC is responsible for the overall IT security of CBP Enterprise-wide information systems, and collects, investigates and reports any suspected and confirmed IT security violations.
Leidos has an immediate need for a Senior SecDevOps Engineer to support the CBP SOC Program.
Duties and Responsibilities will include:
- Analyze user needs and software requirements to determine feasibility of design within time and cost constraints.
- Applies coding and testing standards, security testing tools (including 'fuzzing' static-analysis code scanning tools), threat modeling, and conducts code reviews.
- Conduct trial runs of programs and software applications to ensure the desired information is produced and instructions are correct.
- Evaluate factors such as reporting formats required, cost constraints, and need for security restrictions to determine hardware configuration.
- Identify common coding flaws.
- Identify security issues around steady state operation and management of software.
- Incorporate security measures that must be taken when a product reaches end of life.
- Perform integrated quality assurance testing for security functionality and resiliency attacks.
- Identify potential flaws in codes to mitigate v ulnerabilities.
- Apply comprehensive knowledge of Information Security issues to include; but not limited to, cloud technology, internet servers, web-enabled database applications, network security, security engineering, data integrity, intrusion detection, firewall management, forensic
and legal information security, virtual private networks, public key/infrastructure/digital signatures, encryption, network security architecture and DHS Policy.
- Recognize security implications in the software acceptance phase, including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing.
- Perform penetration testing as required for new or updated applications.
EDUCATION & EXPERIENCE:
BS degree and 12 - 15 years of prior relevant experience or Masters with 10 - 13 years of prior relevant experience.
Must have an active Secret Level Clearance and be able to pass a DHS BI.
A minimum of 5 years of experience in Cyber Security.2+ years of hands on experience in implementing/maintaining security in a CI/CD pipeline.
Experience in the design and automation of security tools and processes.
One of the following certifications: CCSP, CCSK, CSSLP, CISSP, CEH or similar