Dev/Sec Ops Junior
ISYS Technologies delivers emerging technology solutions through our diverse and talented employees who are dedicated to our customers’ success. We empower our teams, contribute to our country and operate responsibly. We are a reputable award-winning WOSB providing Engineering and Enterprise Information Technology (EIT) services to the Federal government. Headquartered in Colorado, ISYS serves key national customers throughout the United States with a presence in more than 16 states.
- Assist with gathering requirements, design, codify, integrate and implement secure solutions that support business functionality as well as the underlying infrastructure required to run and deploy those solutions
- Apply secure development/coding to include; but not limited to, cloud technology, internet servers, application whitelisting, virtualized containers, web-enabled database applications, network security, security engineering, data integrity, intrusion detection, firewall management, forensic and legal information security, virtual private networks, public key/infrastructure/digital signatures, encryption, network security architecture and Policy.
- Champion security by injecting security concerns into the existing development workflow; build security thinking into every stage of software development
- Coordinate with teams across the enterprise on the migration of existing IT services to the cloud; identify security technical requirements, potential problems and issues, and participate on agile software development teams.
- Support capabilities by customizing tools and automating processes for IR analysts
- BS degree Science, Technology, Engineering, Math or related field and 5+ years of prior relevant software engineering or devops experience. Familiarity with software development life cycle models and agile programming methodologies
- Possess the technical skills and experiences with Cloud Service (AWS,Azure, etc), continuous delivery systems and enhancing operations through automation. The ideal candidate will also have experience leading and mentoring junior members
- Previous professional experience with performing integrated quality assurance testing for security functionality and resiliency to attacks
- Previous professional experience with secure programming and identify potential flaws in codes to mitigate vulnerabilities
- Applies coding and testing standards, security testing tools (including ‘fuzzing’ static-analysis code scanning tools), Identify common coding flaws, threat modeling, and conducts code reviews.
- Perform or support penetration testing as required for new or updated applications
- Recognize security implications in the software/code acceptance phase, including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing
- Participate in network and system design to ensure implementation of appropriate systems security policies, designs and implement systems security and data assurance
- Take an approach of; plan, code, build, test, release, deploy and monitor when writing software to automate security tasks
- Knowledge of Source Code Management concepts (code lines, branching, merging, integration, versioning, etc.)
- Excellent problem solving, analytical skills and technical troubleshooting skills
- Ability to work with customers/stakeholders, developers, testers, project managers, support staff
- Experience acquiring in-depth understanding of large complex software systems to isolate defects, reproduce defects, assess risk and understand varied customer deployment
- Advanced working knowledge of the following:encryption algorithms, secure communications, network and data communication protocols, familiar with standard concepts, practices, and procedures within a particular field such as NIST, FISMA and Common Criteria regulations and standards.
- AWS Solutions Architect, DevOps Certs, RHCE
- Orchestration of Cloud infrastructure (Infrastructure as Code)
- Advance Degree in Computer Science or Computer Engineering
- Knowledge of these tools:
- Black Duck
- Aqua Sec
US Citizenship is required.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job with or without reasonable accommodation.
While performing the duties of this job, the employee will regularly sit, walk, stand and climb stairs and steps. May require walking long distance from parking to work station. Occasionally, movement that requires twisting at the neck and/or trunk more than the average person, squatting/ stooping/kneeling, reaching above the head, and forward motion will be required. The employee will continuously be required to repeat the same hand, arm, or finger motion many times. Manual and finger dexterity are essential to this position. Specific vision abilities required by this job include close, distance, depth perception and telling differences among colors. The employee must be able to communicate through speech with clients and public. Hearing requirements include conversation in both quiet and noisy environments. Lifting may require floor to waist, waist to shoulder, or shoulder to overhead movement of up to 20 pounds. This position demands tolerance for various levels of mental stress.
ISYS Technologies is an Engineering and Information Technology Company focused on providing Services to the Federal and State Government. ISYS offers a competitive compensation program and comprehensive benefits package to our employees.