Raytheon Technologies DevSecOps Engineer in Washington, District Of Columbia
Raytheon has an immediate opening for a DevSecOps Engineer to enable mission accomplishment by supporting cloud cybersecurity of respective c loud service provider and FedRamp environments providing cloud security services to Government Agencies within commercial or private cloud environment or any hybrid or physical and virtual resources . The ideal candidate for this job will be an experienced DevSecOps engineer who is goal-oriented and strives to exceed expectations.
Location: NASA Stennis Space Center, Mississippi or Washington DC Metro Area
Determines, develops, or manages DevSecOps and Agile deployment solutions and has experience serving as the engineer of complex technology implementations in a cloud-based or hybrid cloud product-centric environment.
Responsible for bridging the gap between legacy development or operations team and work toward a shared culture and vision.
Works to provide stakeholders and developers with improved automation tools, ensuring system uptime and performance.
Deploys and manages services configuration and automation solutions using:
Infrastructure as a Service (IaaS)
DevSecOps supporting solution
Uses Scripting or basic programming skills to:
Management of open source monitoring tools
Configuration management tools (e.g., Puppet, Chef, Ansible, Salt)
Architecture for continuous integrations and deployment
Expert knowledge and experience with containerization technologies.
Performs and supports operations and maintenance of applications and solutions.
Deep understanding of how security impacts each stage of the development pipeline and the final product or service.
Have the technical proficiencies and familiarity in DevSecOps culture, and have a keen interest in cybersecurity and up-to-date knowledge of threats and trends.
Ability to be team players with proficient communication skills and with thorough understanding of how security impacts each development phase and services.
Experience with many tools and techniques like risk assessment, threat modeling, and cybersecurity to detect and analyze the threats.
Experience in designing countermeasures to identified security risks, security controls based on cybersecurity principles and tenets, integration of hardware and software solutions.
Skill in discerning the protection needs (i.e., security controls) of information systems and networks, evaluating the adequacy of security designs, conducting audits or reviews of technical systems.
Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation), integrating and applying policies that meet system security objectives.
Knowledge of and practical experience of integration of COTS or open source tools
Personality traits: Naturally curious and inquisitive nature; persistent and determined; loves solving problems and puzzles; analytically rigorous; uncompromising integrity
Demonstrated ability to document processes
Proficiency with MS Office Applications
Must be able to work collaboratively across teams and physical locations
Willing to work rotating shifts
The DevSecOps Engineer, provides:
Technical/Management leadership on major tasks or technology assignments.
Responsible for software development, recognizing the security threats, and configuring the network infrastructure and up-to-the-minute details of cybersecurity threats and the latest software.
Possess knowledge of the implementation of risk assessment techniques and the latest security best practices.
Has domain and expert technical knowledge.
Come up with customized tools for security purposes in DevSecOps.
Well-versed in at least one of the programming languages like Java, PHP, Python, Ruby, and Perl.
Possess knowledge of AWS, Docker, Kubernetes, and how to implement developer tools such as GitHub and Dependency management.
Has sufficient knowledge to operate various configuration management tools such as Chef, Puppet, Ansible , and Salt.
Has sufficient knowledge with DevSecOps on AWS, Cloud Computing (IaaS, PaaS, SaaS), Identity Access Management (IAM), Infrastructure as a Code (IaC) and its security, Patch management, Secure Monitoring, and compliance.
Interactions involve client negotiations and interfacing with senior management.
Decision-making and domain knowledge may have a critical impact on overall project implementation.
May supervise others.
Requirement is for 5 or more years of experience directly relating to role of the labor category.
The position requires a Bachelor's degree in Computer Science, or Information Systems, or Information Assurance, or Cybersecurity, Engineering, or a related STEM discipline.
The DevSecOps engineer must possess at least one relevant professional designation or related advanced IT certification , but not limited to the following:
Certified Information Systems Security Professional (CISSP)
Certified DevSecOps Professional (CDP)
Certified DevSecOps Expert (CDE)
CISSP Information Systems Security Architecture Professional (CISSP-ISSAP)
CISSP Information Systems Security Engineering Professional (CISSP-ISSEP)
Systems Security Certified Practitioner (SSCP)
GIAC Certified Incident Handler (GCIH)
GIAC Network Forensic Analyst (GNFA)
GIAC Intrusion Analyst (GCIA)
Experience working on a 24x7x365 watch desk environment
Experience with industry standard help desk tools
SIEM content Analysis, Development and Testing
Experience with SIEMS tools
Familiarity with packet analysis to include: HTTP Headers & Status codes, SMTP Traffic & Status codes, FTP Traffic & Status Codes
Excellent written and verbal communication skills
Prior experience working in any of the following:
Security Operations Center (SOC)
Network Operations Center (NOC)
Computer Incident Response Team (CIRT)
Current experience with network intrusion detection and response operations (Protect, Defend, Respond and Sustain methodology)
Experience in the detection, response, mitigation, and/or reporting of cyber threats affecting client networks, applications and one or more of the following:
Experience in computer intrusion analysis and incident response
Working knowledge of Intrusion detection/protection systems
Knowledge and understanding of network devices, multiple operating systems, and secure architectures
Working knowledge of network protocols and common services
System log analysis
Certified DevSecOps Architect (CDA)
Certified DevSecOps Leader (CDL)
Certified Wireless Network Expert (CWNE)
GIAC Certified Enterprise Defender (GCED)
GIAC Security Expert (GSE)
GIAC Information Security Professional (GISP)
Certified Information Security Manager (CISM)
Certified Ethical Hacker (CEH)
Certified Network Defense Architect (CNDA)
ITIL v3 Foundations certification
GIAC Information Security Fundamentals (GISF)
US Citizen capable of obtaining DHS Suitability and a TS/SCI clearance
Occasional travel within CONUS is required
This position is contingent on contract award and requires a U.S. Person who is eligible to obtain any required Export Authorization.177227
Raytheon is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, age, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.