Description
JOB TYPE: FULL-TIME

COMPETITIVE SALARY, COMPREHENSIVE BENEFITS AND A COMPANY THAT CARES!

THIS POSITION IS CONTINGENT UPON FUNDING.

Relocation May Be Considered

AUSGAR Technologies, Inc., an EOE Disabled/Veterans employer, is an established Service-Disabled Veteran-Owned Small Business (SDVOSB) Department of Defense, government contractor with core competencies in Information Assurance, Cyber Security and Systems Engineering. With offices on both the East and West coasts, an inviting culture and above-standard benefits, opportunity abounds for the right individual!

Software/Container Security Engineer - 25-021 - CONTINGENT - San Diego, California

AUSGAR Technologies has an exciting, NEW CONTINGENT opportunity for a Software/Container Security Engineer to join our team of smart and innovative technical team members working in the Point Loma area of San Diego, California. This key role is responsible for oversight of Container Information Security for NIWC PAC in Point Loma, CA. Will identify potential security configuration and other risks and vulnerabilities in the container environment. Will provide container vulnerability assurance inclusive of compliance with configuration requirements, security controls and improvements.

Job Responsibilities:

Core Security Expertise
o Application Security Fundamentals
- Experience with static application security testing (SAST), dynamic application security testing (DAST) and software composition analysis (SCA) tools and processes.
- Understanding of common web application vulnerabilities (OWASP Top 10, SANS Top 25).
- Understanding of API security best practices (REST, GraphQL).
- Knowledge of secure coding principles and best practices for Java programming language.
o General Security Concepts
- Risk assessment and management.
- Identity and Access Management (IAM) principles and best practices (RBAC, ABAC, least privilege).
- Data security and privacy principles (encryption in transit/at rest, data classification).
- Security logging, monitoring and incident response fundamentals.
Container & Orchestration Security
o Containerization Technologies
- Experience with container registries (e.g., Docker Hub, Quay, Azure Container Registry, ECR, GCR) and securing them.
- Expertise with Docker, container runtimes (containerd, Podman) and image best practices (multi-stage builds, minimal images).
- Understanding of container networking and storage security.
o Kubernetes/OpenShift Security
- Experience hardening Kubernetes clusters (e.g., kube-bench, CIS benchmarks).
- Experience with securing Kubernetes workloads and configurations.
- Knowledge of Kubernetes security primitives (Network Policies, Pod Security Policies/Admission Controllers, Service Accounts, Secrets, RBAC).
- Understanding of Kubernetes admission controllers and how to leverage them for security enforcement.
o Container Security Tools
- Hands-on experience with container image scanning tools (e.g., Trivy, Clair, Anchore, Snyk Container).
- Experience with container runtime security tools (e.g., Falco, Sysdig Secure, Aqua Security, Twistlock/Palo Alto Prisma Cloud).
DevSecOps & Automation
o CI/CD Integration
- Ability to automate security checks (SAST, DAST, SCA, container scanning, IaC scanning) within the pipeline.
- Understanding of artifact management and secure supply chain principles.
o Infrastructure as Code (IaC) Security
- Familiarity with IaC tools (e.g., Terraform, CloudFormation, Ansible, Helm).
o Scripting & Automation
- Proficiency in at least one scripting language (e.g., Python, Bash, Go) for automating security tasks and integrations.
o Version Control
- Strong understanding of Git and collaborative development workflows (e.g., pull requests, branching strategies).
Agile & Collaboration Skills
o Agile Methodologies
- Experience working within Agile/Scrum/Kanban teams.
- Ability to integrate security activities seamlessly into sprints and release cycles.
- Understanding of how to embed security early ("shift left").
o Communication & Collaboration
- Excellent verbal and written communication skills, able to explain complex security concepts to technical and non-technical audiences.
- Strong collaboration skills, capable of working effectively with developers, operations, QA and product owners.
- Ability to provide constructive feedback and guidance to development teams.
o Problem-Solving
- Strong analytical and problem-solving skills to identify security issues and propose effective solutions.
Requirements
The physical demands and work environment described here are representative of those that must be met by an employee to successfully perform the essential functions of the job. Reasonable accommodation may be made for individuals with disabilities to perform the essential functions.
- Must possess an active Top-Secret clearance.
- Bachelor's degree from an accredited college/university desired.
- Five years of related experience.
- Hands-on experience with container image scanning tools (e.g., Trivy, Clair, Anchore, Snyk Container).
- Experience with static application security testing (SAST), dynamic application security testing (DAST) and software composition analysis (SCA) tools and processes.
- Experience with container registries (e.g., Docker Hub, Quay, Azure Container Registry, ECR, GCR) and securing them.
- Expertise with Docker, container runtimes (containerd, Podman) and image best practices (multi-stage builds, minimal images).
- Experience with container runtime security tools (e.g., Falco, Sysdig Secure, Aqua Security, Twistlock/Palo Alto Prisma Cloud).
- Experience working within Agile/Scrum/Kanban teams.
- Proficiency in at least one scripting language (e.g., Python, Bash, Go) for automating security tasks and integrations.
- Strong understanding of Git and collaborative development workflows (e.g., pull requests, branching strategies).
- Strong analytical and problem-solving skills to identify security issues and propose effective solutions.
- Excellent verbal and written communication skills, able to explain complex security concepts to technical and non-technical audiences.
Salary Range: $135K-155K

Based on your qualifications, you will be placed in Level I-V. An essential qualification for this position is having a security clearance issued by the Federal Government, which may require successful completion of a background check. We use E-Verify to electronically confirm the employment eligibility of newly hired employees.

AUSGAR's salary range is dependent upon a variety of factors, which include experience, skills, education, certifications and geographical location. Our salary range includes a base salary and excellent benefits package as part of our total compensation.

AUSGAR Technologies, Inc. is an equal opportunity employer. If you are a qualified individual with a disability or a disabled veteran and need assistance in completing the application, you have the right to request reasonable accommodation. Please e-mail us at jobs@ausgar.com if you are unable or limited in your ability to use or access www.ausgar.com careers page as a result of your disability.