Sr. DevSecOps Engineer

Acuity is seeking a Sr. DevSecOps professional to support one of our Flagship contracts with over 6+ years of experience and a strong background in implementing Kubernetes environments, plus experience with DevOps methods and practices.

Candidates MUST reside in DC or VA and be available to work onsite in Herndon, VA. On-site requirements are three days a week with occasional travel to Washington DC for required meetings.

• Performing infrastructure security reviews, threat modeling, and risk analysis for systems built on AWS and deployed via infrastructure-as-code tools like AWS CloudFormation.
• Implementing and managing security controls within AWS including IAM, VPCs, security groups, WAF, encryption, audit logging, etc.
• Performing static and dynamic analysis on source code using tools like Anchor/Grype, SonarQube, and Syft to catch security issues early.
• Integrating security tools like secrets management, SAST, DAST, and dependency scanning into CI/CD pipelines in GitHub Enterprise and AWS CodePipeline.
• Building and configuring hardened Linux server images using tools like Packer that follow security best practices.
• Implementing security monitoring and runtime protection for containers and services running on AWS ECS.
• Helping define security requirements and compliance controls for regulated workloads built on AWS services like RDS Aurora.
• Creating and managing infrastructure security policies as code via tools like Open Policy Agent.
• Triaging and resolving security issues, working with developers and ops teams to implement fixes and improvements.
• Keeping up-to-date with the latest cloud security best practices and threats.

• DevOps methods and practices (3+ years’ experience)
• Amazon Web Services (6+ years of experience) 
• Kubernetes environments and implementation (5+ years of experience) 
• Experience with Infrastructure as Code, including Terraform, Cloud formation and CDK.
• Experience with AWS CI/CD stack of Code Commit, Code Build, CodeDeploy and Code Pipeline
• Experience with Configuration as Code, including AWS SSM, Ansible, PowerShell, or Bash
• Monitoring log and System performance using tools like Grafana, Datadog, and Prometheus.
• Experience with multiple CI/CD and Agile Development tools, including GitLab, Atlassian, or Jenkins
• Experience working within an Agile and version-controlled environment, including associated policies and best practices.

Preferred Experience:

• Design, Implement, and manage SIEM tools.

 Clearance Requirement:

• Must have active Secret or above security clearance

About Acuity Inc:

Acuity is a leading management and technology consulting firm that specializes in serving the federal government. Our innovative, collaborative, and rewarding work environment has earned repeat honors from the Washington Business Journal’s “Best Places to Work”, Washington Post’s “Top Workplace”, and SmartCEO Corporate Culture awards. 

We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.

#CB

#LI-MD1