DevSecOps Engineer
Company: Johns Hopkins Applied Physics Laboratory (APL)
Location: Laurel
Posted on: November 20, 2024
Job Description:
Description
Are you interested in creating new IT security capabilities and
learning new cybersecurity technologies?---- Do you want to have a
stake in the overall security posture and assessment of the IT
infrastructure?---- If so, we're looking for someone like you to
apply and join our team at APL!-- We are seeking a DevSecOps
Engineer to be part of APL 's Classified IT Services team. We
provide technical expertise to meet compliance and security
objectives in environments consisting of Computer Network Defense
(CND) tools such as Endpoint Security Solutions (ESS), Assured
Compliance Assessment Solution (ACAS), Comply-to-Connect (C2C), and
Device and Application Control. Our collaborative environment
promotes learning, growth, and fosters team spirit!-- As an
DevSecOps Engineer, you will...
- Analyze data that will improve the security posture of the
Collateral Networks and identify operational issues.
- Evaluate the effectiveness of current security systems and make
suggestions for improvement when necessary.
- Establish a framework to assess and improve current controls
and processes to the security system.
- Lead the effort for compliance in Network Access Control
(802.1x) and Comply to Connect
- Assist with the installation and maintenance of the ESS/Trellix
ePolicy Orchestrator (ePO) suite and associated modules in
accordance with the DoD-mandated baseline.
- Analyze logs and monitor authorized and unauthorized removable
devices and media on the network.
- Monitor alerts for specific events associated with VPN Gateways
or Firewalls associated with receives and drops of any unexpected
traffic which could indicate a compromise.
- Collaborate with audit analysts to monitor policy changes,
privileged user activities, and data transfers to ensure continuous
policy enforcement.
- Plan, communicate, and coordinate CND tools administration to
support requirements from diverse sources such as Security
Operations, DoD compliance/inspection readiness, Cyber Security
Services Provider (CSSP), and end-users.
- Support the Vulnerability Management Team to ensure the ACAS
security architecture, design, and implementation is in accordance
with DoD regulations and other governing documents.
Qualifications
You meet the minimum requirements if you have....
- A Bachelor's degree in Computer Science, Systems Engineering,
Information Systems, or a comparable field or equivalent years of
professional work experience in Information Technology (IT).
- Experience in performing security systems analysis and
monitoring.
- Experience in administering enterprise security tools and
capabilities including ESS and ACAS.
- Experience in both Windows and RHEL Operating Systems.
- Knowledge in assessing security controls based on cybersecurity
principles and tenets.
- Expertise in Network Access Control (802.1x).
- Have prior experience maintaining and operating ForeScout
CounterAct or other Comply-to-Connect solutions.
- Experience in the implementation of Security Technical
Implementation Guide (STIGs) for device hardening.
- Experience in incident response process with the ability to
effectively troubleshoot issues that can arise on a regular
basis.
- Self-starter capable of working effectively under minimal
guidance.
- Ability to obtain FCSA Comply to Connect (C2C) within 6 months
of hire.
- A current industry certification aligned to DoD Manual 8570,
01-M for IAT II (e.g., GSEC, Security+, CCNA-Security).
- Excellent oral and written communication skills, including
articulating and presenting highly technical information in a
comprehensible manner to all levels of management and staff.
- An active Secret security clearance and can obtain a Top
Secret. If selected, you will be subject to a government security
investigation and must meet the requirements for access to
classified information. Eligibility requirements include U.S.
citizenship. You 'll go above and beyond our minimum requirements
if you...
- A comprehensive understanding of Host-based Security Systems,
Device Control Solutions, and Security tools implementation.
- Experience in implementing and maintaining Application Control
solutions.
- Hands-on in-depth knowledge and experience in networking,
network security, VMware, Enterprise storage, server, data center
services, and other leading-edge products and technologies.
- Have prior experience utilizing Splunk to create custom queries
to analyze and respond to anomalies.
- A current industry certification aligned to DoD Manual 8140,
01-M for CSSP roles (e.g., CEH, GCIH, CISSP). Why work at APL? The
Johns Hopkins University Applied Physics Laboratory (APL) brings
world-class expertise to our nation's most critical defense,
security, space and science challenges. While we are dedicated to
solving complex challenges and pioneering new technologies, what
makes us truly outstanding is our culture. We offer a vibrant,
welcoming atmosphere where you can bring your authentic self to
work, continue to grow, and build strong connections with inspiring
teammates. At APL, we celebrate our differences and encourage
creativity and bold, new ideas. Our employees enjoy generous
benefits, including a robust education assistance program,
unparalleled retirement contributions, and a healthy work/life
balance. APL's campus is located in the Baltimore-Washington metro
area. Learn more about our career opportunities at .
About Us
APL is an Equal Opportunity/Affirmative Action employer. All
qualified applicants will receive consideration for employment
without regard to race, creed, color, religion, sex, gender
identity or expression, sexual orientation, national origin, age,
physical or mental disability, genetic information, veteran status,
occupation, marital or familial status, political opinion, personal
appearance, or any other characteristic protected by applicable
law. APL is committed to promoting an innovative environment that
embraces diversity, encourages creativity, and supports inclusion
of new ideas. In doing so, we are committed to providing reasonable
accommodation to individuals of all abilities, including those with
disabilities. If you require a reasonable accommodation to
participate in any part of the hiring process, please contact
Accommodations@jhuapl.edu. Only by ensuring that everyone's voice
is heard are we empowered to be bold, do great things, and make the
world a better place. -- The referenced pay range is based on JHU
APL's good faith belief at the time of posting. Actual compensation
may vary based on factors such as geographic location, work
experience, market conditions, education/training and skill level
with consideration for internal parity. For salaried employees
scheduled to work less than 40 hours per week, annual salary will
be prorated based on the number of hours worked. APL may offer
bonuses or other forms of compensation per internal policy and/or
contractual designation. Additional compensation may be provided in
the form of a sign-on bonus, relocation benefits, locality
allowance or discretionary payments for exceptional performance.
APL provides eligible staff with a comprehensive benefits package
including retirement plans, paid time off, medical, dental, vision,
life insurance, short-term disability, long-term disability,
flexible spending accounts, education assistance, and training and
development. Applications are accepted on a rolling basis.
Minimum Rate $90,000 Annually Maximum Rate $220,000 Annually
Keywords: Johns Hopkins Applied Physics Laboratory (APL), Rockville , DevSecOps Engineer, Engineering , Laurel, Maryland
Didn't find what you're looking for? Search again!
Loading more jobs...