DevSecOps Engineer

Company: Lynker Corporation
Location: Leesburg
Posted on: February 1, 2025

Job Description:

OverviewLynker Corporation is a leading provider of innovative solutions in weather and climate science. With a commitment to excellence and a passion for innovation, Lynker leverages cutting-edge technologies and scientific expertise to support the creation and delivery of improved operational weather forecasts. Lynker is currently seeking a sharp and talented DevSecOps Engineer to play a critical role in embedding security into every stage of the software development lifecycle for NOAA's Office for Coastal Management (OCM). The ideal DevSecOps Engineer will have 3+ years of experience in DevSecOps or related fields, with a strong understanding of cloud platforms, security, automation, secure coding practices, and programming skills extensive enough to implement automation.ResponsibilitiesDuties of the DevSecOps Engineer will include the following:

• Collaborating with development, operations, and security teams to integrate security into the CI/CD pipeline using GitHub Actions
• Implementing security automation tools and processes
• Automate security tasks using Python/Node.js/Go and Bash scripting
• Developing and enforcing security policies and best practices
• Monitoring and analyzing security vulnerabilities, incidents and findings
• Performing regular security assessments and code reviews
• Work with developers to ensure security findings are handled in a timely manner
• Design and implement penetration testing suite to implement "attack vectors" against our application and infrastructure portfolio to proactively identify any vulnerabilities.
• Administration and maintenance of secrets management system like Bitwarden
• Regularly audit all repositories and organizations in GitHub to make sure they are following established security and privacy practices
• Stay up-to-date with the latest security threats and technologies
• Participate in incident response and disaster recovery planningSecondary Responsibilities of the DevSecOps Engineer will include the following:
  • Work with DevOps team to help with day to day automation tasks using GitHub Actions
  • Provide support for maintaining our automation infrastructure in GitHub Actions
  • GitHub User and Repository administration based on existing policies
  • Audit GitHub Organizations and Wiki pages to ensure documentation coverageQualificationsThe DevSecOps Engineer selected should have the following skillsets/qualifications:
    • Proficiency with Linux systems
    • Strong programming skills in scripting languages like Bash and one or more of Python/Node.js/Go
    • Experience with pen testing tools available in Kali Linux
    • Proficiency with Docker and related tooling
    • Proficiency with CI/CD tools such as GitHub Actions or similar
    • Experience with Azure Cloud (or equivalent AWS and GCP)
    • Good understanding of typical developer workflows
    • Good understanding of network architecture to identify security vulnerabilities
    • Excellent written and verbal communication skills
    • Experience with identifying, investigating and mitigating common attack vectors like DDoS, MITM, XSS, SQL Injections, Session Hijacking, etc.
    • Experience with reviewing common authentication mechanisms like session cookies and JWT authentication in software development projects
      • Bachelor's degree in computer science or related field and 3+ years of experience in DevSecOps or DevOps or similar automation roles.
      • Professional and technical certification programs may be substituted for years of education, based on credit hour equivalents.
      • Proven experience and references can also be substituted for years of education.The Ideal DevSecOps Engineer will have the following:
        • Some experience with Kubernetes and security practices around it
        • Familiarity with all GitHub Offerings and ecosystem
        • Experience with Burp Suite Enterprise Edition
        • Expertise in writing complex automation workflows using GitHub Actions
        • Experience with Palo Alto firewall
        • Experience with Nginx and log analysis
        • Previous developer experience
        • Open Source Contributions
        • We love stack overflow reputationAbout LynkerLynker is a growing, employee-owned, small business, specializing in professional, scientific and technical services. Our continually expanding team combines scientific expertise with mature, results-driven processes and tools to achieve technically sound, cost-effective solutions in hydrology/water sciences, geospatial analysis, information technology, resource management, conservation, and management and business process improvement.We focus on putting the right people in the right place to be effective. And having the right people is critical for success. Our streamlined organization enables and empowers our talented professionals to tackle our customers' scientific and technical priorities - creatively and effectively.Lynker offers a team-oriented work environment, and the opportunity to work in a culture of exceptionally skilled and diverse professionals who embrace sound science and creative solutions. Lynker's benefits include the following:
          • Comprehensive healthcare for the employee at no monthly cost
          • Healthcare benefit covers medical, prescription drug, dental, and vision
          • Personal Time Off (PTO) Policy plus paid holidays
          • Highly competitive compensation plan regularly calibrated against industry and location benchmarks
          • 401(k) retirement plan with company-matching
          • Employee Stock Ownership Plan (ESOP) - we're all company owners!
          • Flexible spending accounts
          • Employee assistance program (EAP)
          • Short- and long-term disability insurance
          • Life and accident insurance
          • Tuition assistance/Training/Workforce improvement reimbursement per year
          • Spot bonuses for exceptional performance
          • Annual Employee Recognition Awards with bonuses
          • Employee Referral Program
          • Free centralized, self-directed Learning Management System to learn at your own pace
          • Personalized career growth plans for every employeeLynker is an E-Verify employer.Lynker is proud to be an Equal Opportunity Employer and encourages women, minorities, individuals with disabilities and veterans to apply.
            #J-18808-Ljbffr

Keywords: Lynker Corporation, Towson , DevSecOps Engineer, Engineering , Leesburg, Maryland