DevSec Ops Manager
Req #: 212093
Location: Arlington, VA US
Job Category: Engineering and Technical Support
Minimum Security Clearance: Secret
What You'll Get to Do:
The DevSec Ops Manager role supports the product development activity so that all artifacts are available for inclusion in the deployment environment. The DevSec Ops Manager has to ensure that the CM environment facilitates product review, product changes and defect tracking activities. The DevSec Ops Manager is responsible for maintaining the customer's Configuration Management Plan and reporting progress statistics based on change requests. The candidate is expected to support our government client in deployments, lift & shift migrations and innovative cloud-based solutions. The candidate should be able to execute architecture blueprints and bring it to reality with a DevSecOps mindset & culture. A key portion of your job will be to help move from a traditional infrastructure deployment model to an infrastructure as code model with automation and monitoring via DevSecOps. The candidate should be able to build and configure build plans, code pipelines and create automated solutions that can be frame worked and re-used. Finally, the candidate should become a subject matter expert and evangelize the latest technologies and tools to provide better efficiency and solutions to other teams as the customer adopts cloud technologies.
* Highly knowledgeable of development techniques, change control processes, configuration audits, standards and industry publications related to configuration management;
* Document the interdependencies between all configuration items to build and maintain a CM Database to facilitate the effective evaluation of the impact and risks associated with each change request both independently and collectively using automated tools;
* Experience with coordinating multiple deployments to various environments;
* Experience in ISO methodologies;
* Analyze processes, recommend improvements, and write process documentation;
* Provide support to build, automated test, integration, and deployment of software baselines using DevSecOps and CI/CD best practices, including definition of processes, metrics, tools selection and automation;
* Experience with VM Server management;
* Rapid response to troubleshoot and triage production issues;
* Apply information security best practices and respond to security events;
* Working knowledge of server-based storage, Data Center Operations, infrastructure, and development (test, dev. and prod) environments;
* Ability to work as part of an agile development team as the customer migrates to cloud technologies.
* Build consensus among various stakeholder organizations on the standards, procedures, and processes related to configuration management and coordinate their joint development;
* Provide expertise in developing and maintaining configuration management plans, and scheduling and documenting all configuration management reviews;
* Ensure compliance with the standardized processes during software deployment throughout the SDLCs;
* Establish a Root Cause Analysis (RCA) process to coordinate with all active participants in the SDLC process to determine what factors contributed to a failed release and/or reports of new incidents related to changes released into the production environment;
* Maintain currency with the latest build technologies (Jenkins, Building in the Cloud and GIT);
* Introduce new techniques and technologies for new build systems and evolve existing systems;
* Develop build scripts and tools for builds, using most appropriate languages and technologies;
* Integrate automated builds and build artifacts into test environments, unit test harnesses, and code analysis tools;
* Leverage broad knowledge across Agile Software Engineering disciplines and Cloud Technologies to advise, identify, create, and deliver Infrastructure Services and Architecture that enable the successful migration of applications and services to the Cloud;
* Provide estimates and manage own schedule at component/sub-system level , Manage build machines, VM servers, and build environments, while maintaining security concepts and processes for build systems.
* Develop security and compliance capabilities in support of FISMA and NIST Risk Management Framework;
* Work closely with product and platform teams to engineer and implement cloud security controls.
You'll Bring These Qualifications:
* Typically requires bachelor's degree or equivalent, and seven years of related experience.
* Strong writing, planning, organizational, critical thinking and problem-solving skills;
* Experience with individual or combination of the SCM tools, e.g., Subversion, JIRA with Confluence, etc.;
* Experience coordinating the development of Configuration Management Plans (CMP), as well as maintaining and updating them and all processes pertaining to CM;
* Experience monitoring and reporting on software development CM activities, e.g., product baseline, identification and control of developed software, COTS/GOTS, hardware and documentation;
* Familiar with Configuration Management SCM/CM concepts, software build/release engineering, build framework design and architecture;
* Source code administration experience;
* Experience with SharePoint as a user and Administrator;
* Version control experience, such as subversion or GIT, for build reports and software;
* Continuous integration tools for software development, like JENKINS;
* Experience working with database server deployments;
* Experience running continuous integration build life cycles focused on automation;
* Experience with security accreditation to include Authority To Operate;
* Possessing or having the ability to obtain a Secret Clearance.
These Qualifications Would be Nice to Have:
* Knowledge of ITIL, PMBOK, and general project management principles;
* Knowledge of enterprise architecture;
* FedRAMP knowledge;
* Proficient with Cloud and Virtualization technologies and their APIs (e.g., VMware, vCenter, Azure Resource Manager);
* Experience supporting Atlassian Suite products like Jira/Confluence/BitBucket, Azure Resource Manager.
* Ability to create SPLUNK dashboards, views, custom data adaptors (scripts) to monitor and provide performance metrics to debug performance issues for applications, workstations, servers and network infrastructure;
* Risk management and a strong computer security background;
* Experience utilizing PowerShell Desired State Configuration;
* Prior experience working with application/product development teams on design and implementation of best-practices for security as code;
* Experience supporting infrastructure in an Azure cloud environment.
* Strong knowledge of technology and security topics including network and application security, infrastructure hardening, security baselines, web server, and database security;
* Professional certification(s): (any one or more of the following) CISM, CSM, CI/CD, PMP/PMI, PMI-ACP, ITIL, CPDE, SAFe
What We Can Offer You:
* We've been named a Best Place to Work by the Washington Post.
* Our employees value the flexibility at CACI that allows them to balance quality work and their personal lives.
* We offer competitive benefits and learning and development opportunities.
* We are mission-oriented and ever vigilant in aligning our solutions with the nation's highest priorities.
* For over 55 years, the principles of CACI's unique, character-based culture have been the driving force behind our success.
CACI employs a diverse range of talent to create an environment that fuels innovation and fosters continuous improvement and success. At CACI, you will have the opportunity to make an immediate impact by providing information solutions and services in support of national security missions and government transformation for Intelligence, Defense, and Federal Civilian customers. CACI is proud to provide dynamic careers for employees worldwide. CACI is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities.
CACI International is a provider of information solutions and services in support of national security missions and government transformation for intelligence, defense, and federal civilian customers.