DeveloperSecOps Engineer

Summary

Join Slingshot as a DevSecOps Engineer and manage cloud security implementation across AWS, Azure, and classified platforms. Design, implement, and maintain secure software development practices and tools. Work with engineering teams to integrate security with scalability, performance, and reliability. Develop automated build and test pipeline strategies, secure cloud resources, and administer user access. Monitor security metrics and participate in Agile processes. Provide ongoing support for critical services and communicate findings to stakeholders. This role requires a TS/SCI clearance or eligibility.

Requirements

• Must have an active TS/SCI clearance or be eligible and willing to obtain one
• 3+ years of professional experience in a DevSecOps or similar role
• Experience with container security practices within Kubernetes and Helm
• Experience with security configuration of AWS Cloud Native Technologies
• Deep working knowledge of version control (Git) and CI/CD tools (GitHub Actions)
• Experience with infrastructure as code frameworks including Terraform
• Good understanding of networking, routing, firewalls, VPN, SSL
• Knowledge of programming/scripting languages (Python, Bash, JavaScript) used in DevSecOps life cycles
• Keen attention to detail and industry best practices pertaining to privacy, security, and compliance
• Skill and comfort working in a rapidly moving startup environment with dynamic objectives and iteration with users

Responsibilities

• Executes all position responsibilities in alignment with Slingshot’s core values, mission, and purpose
• Work within Engineering teams to interweave security with the scalability, performance, reliability, and functional requirements to virtualized/cloud computing solutions
• Leverage industry best practices and experience to ensure that security is baked into deliverables from the start and that each product and program fully embrace a DevSecOps and “shift-left on security” mentality
• Develop automated build and test pipeline strategies including aspects of security and compliance to ensure viability of cloud deployment solutions
• Secure and manage cloud-native resource on providers like AWS and Azure through infrastructure-as-code and compliance-as-code
• Administer and support developer and user access to cloud resources
• Leverage observability tools to monitor security metrics for applications virtualized resources
• Participate in Agile software develop and deployment processes
• Provide ongoing support for the services and applications that are critical to our business needs
• Communicate methods, findings, and hypotheses with stakeholders
• Perform other duties as assigned (to be less than 10% of the responsibilities listed above)

Preferred Qualifications

• Degree in computer science or related field
• Active TS/SCI clearance
• Experience with asynchronous processing and/or data streaming technologies, such as AWS Kinesis, Kafka, or ZeroMQ, KNative
• Experience with securing data platforms, microservices, distributed systems and deploying into classified cloud environments
• Experience with security audits/certifications such as SOC 2 Type 2, FedRAMP, CMMC 2.0, ISO 27001
• Early-stage data-centric startup experience