Expoint - all jobs in one place

Finding the best job has never been easier

Limitless High-tech career opportunities - Expoint

IBM Security Engineer - DevSecOps 
United States, District of Columbia, Washington 
394575188

29.07.2024
Required Technical and Professional Expertise
  • 5+ years experience supporting secure DevSecOps practices using FORTIFY 5+ years experience running Dynamic and Static Application Security Testing (SAST)
  • 5+ years experience working with of source version control, build/release tools and methodologies
  • 5+ years experience with CI/CD pipelines
  • 5+ years experience with the software build process
  • 5+ years experience supporting backups and disaster recovery
  • 5+ years experience maintaining access control and the integrity of data throughout the platform 5+ years experience designing, developing, evaluating and modifying systems and systems-oriented products.
  • 5+ years experience configuring, deploying and maintaining and optimizing securiy code scanning tools (Fortify)
  • Work with the deveopment and infrastucture teams to remdiate findings
  • Perform Cyber Supply Chain Risk Management (C-SCRM) activities to include configuring, deploying and maintaining SCRM tool (Mend) and analyze reports.
  • Support Security Assessment and Authorization / ATO process
  • Bachelors Degree and a minimum 5 years experience. Additional years of experience maybe accepted in lieu of the degree.
  • Ability to acquire a Public Trust Background investigation
  • Certified in industry recognized areas such as CISSP, CISA, or CISM
  • Familiarity with NIST 800-53, FISMA, FedRAMP


Preferred Technical and Professional Expertise

  • Excellent organization, collaboration, project management, and team leadership skills
  • Strong communication skills and experience creating and delivering compliance status and metrics briefings to senior leadership
  • 2+ years experience executing security compliance in multi-cloud or DevSecOps environments
  • 2+ years experience coordinating across security, IT operations, audit, and development groups to achieve security outcomes
  • Security certification in one or more cloud environments (Azure, AWS, Google…)