DevSecOps Engineer

Role : DevSecOps Engineer

Location : Ridley Park, PA, Hazelwood, MO, Oklahoma City, OK or Plano, TX (HYBRID 2 days on site ) ONLY LOCAL

Job type : Contract

Clearance : Ability to obtain secret clearance

Job Description: The Boeing Company is currently seeking a DevSecOps Engineer to join the Next Generation Product Support (NPGS)team located in Ridley Park, PA, Hazelwood, MO, Oklahoma City, OK or Plano, TX. This position will focus on supporting the Boeing Global Services (BGS) business organization.

• The successful candidate will develop, document, and maintain standardized, efficient, and innovative processes, tools, methodologies and performance metrics to streamline the software engineering lifecycle and enable continuous integration, delivery, and deployment of safety critical software.
• We operate as a fast-paced agile team and seek candidates who have proven skills in DevSecOps, Cloud environments, to automate, develop, monitor, improve and troubleshoot across software engineering development, tooling, testing, deployment, configuration process and security controls.
• An ideal candidate will demonstrate technical expertise for required software projects and lead activities and work under minimal direction.
• This position is hybrid. This means that the selected candidate will be required to perform some work onsite at one of the listed location options. This is at the hiring team's discretion and could potentially change in the future.
• To be considered for this position you will be required to complete a technical assessment as part of the selection process. Failure to complete the assessment will remove you from consideration.

Position Responsibilities:

• Develop and enhance the NGPS development security practice by integrating secure coding solutions that identify security vulnerabilities within each phase of the software development lifecycle and enforce compliance within the CI/CD pipeline.
• Implement solutions that identify vulnerabilities within source code, open-source software libraries, hardened containers, and deployed applications by leveraging static application security testing (SAST), dynamic application security testing (DAST), container security scanning, and software composition analysis tools; and provide recommendations to remediate.
• Implement efficient processes centered around continuous integration best practice
• Develop an efficiency-centered code quality solution that enables visibility, transparency, and continuous monitoring within a shared responsibility model
• Implement immediate quality feedback loops for the developers building NGPS software
• Develop and implement an event-driven container security scanning and software composition analysis solution within the CI/CD pipeline using Prisma, AWS Inspector 2, X-Ray by Antifactory, and/ or Nexus Lifecycle
• Provide hands-on DevSecOps support to the NGPS portfolio, such tasks would include - infrastructure support and sustainment activities, CI/CD pipeline development and improvement, GitLab administration, AWS or Azure Cloud administration, and containerization.
• Collaborate on idea creation and development of the Software development tool chain
• Support the ongoing lifecycle maintenance of the DevSecOps tool chain
• Support the software quality efforts of our Boeing product deliveries to our partners and customers
• Ensure that secure development and deployment infrastructure supports CI/CD and automated verification systems.
• We work in a casual but professional environment with multi-disciplined teams of engineers that take pride in developing, integrating, testing and delivering innovative solutions. T
• here is long-term potential for career growth into technical leadership or management positions and we value the curiosity, tenacity and imagination our engineers bring to our teams each day.

Security Clearance and Export Control Requirements:

***This position requires the ability to obtain a US Security Clearance for which the US Government requires ship. Ability to obtain Secret US Security clearance Post-Start.

Basic Qualifications (Required Skills/ Experience):

• Bachelor of Science degree from an accredited course of study in engineering, engineering technology (includes manufacturing engineering technology), chemistry, physics, mathematics, data science, or computer science
• 5 or more years' experience with software development
• 2 or more years' experience with Cloud technologies, such as AWS, Google Cloud Platform or Azure
• Experience with Automation and Continuous Integration/Continuous Deployment (CI/CD) techniques and design pattern

Preferred Qualifications (Desired Skills/Experience):

• Have the ability to set up, and manage a toolchain using tools such as GitLab, Bazel, SonarQube, Coverity, NetSparker, Nexus Lifecycle, Artifactory and more
• Strong Working knowledge of the CI/CD process including debugging, test, and integration of software tools
• Understanding of secure software development methodologies and Security First minds
• Strong working knowledge of Agile Software Development
• Demonstrated history with microservices deployment
• Demonstrated experience implementing secure Hybrid (Cloud / on-prem) development and deployment infrastructure
• Proficient in programming and /or scripting ability (bash,python,java,c)
• Strong communication skills and a self-starter

Describe the project/day-to-day activities they will be working on:

• Enhancing the NGPS static application security testing practices by integrating Coverity into the CI/CD pipeline.
• Enhancing the NGPS static application testing practices by integrating SonarQube into the CI/CD pipeline.
• Developing dynamic application security tests using NetSparker and integrating them into the CI/CD pipeline
• Implementing event-driven container security scanning and software composition analysis solution within the CI pipeline using Prisma, AWS Inspector 2, X-Ray by Antifactory, and/ or Nexus Lifecycle.
• Provide hands-on DevSecOps support, such tasks would include - infrastructure support and sustainment activities, CI/CD pipeline development and improvement, GitLab administration, AWS or Azure Cloud administration, and containerization.
• Working with developers and product owners to increase unit test coverage and code quality and burn down detected vulnerabilities
• Creating process documentation and migration guides

What skill sets have you found work well for this role?

Software development

Application security

Cloud engineering

Strong collaboration and communication skills

Ability to work independently

Type of background you are looking for (education, # yrs experience, etc.):

Bachelor of Science degree from an accredited course of study in engineering, engineering technology (includes manufacturing engineering technology), chemistry, physics, mathematics, data science, or computer science

5 or more years' experience with software development

2 or more years' experience with Cloud technologies, such as AWS, Google Cloud Platform or Azure

Experience with Automation and Continuous Integration/Continuous Deployment (CI/CD) techniques and design pattern

Education / Experience:

Education/experience typically acquired through advanced technical education from an accredited course of study in engineering, computer science, mathematics, physics or chemistry (e.g. Bachelor) and typically 5 or more years' related work experience or an equivalent

combination of technical education and experience (e.g. PhD, Master+3 years' related work experience). In the USA, ABET a

Sr. IT Recruiter

Email-

Phone Number : +1 321 7856 062

STELLENT IT A Nationally Recognized Minority Certified Enterprise

"Happiness can be found, even in the darkest of times, if one only remembers to turn on the light."
- JK Rowling

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.