DevSecOps Engineer

• Security Automation: Automate security testing, vulnerability scanning, and compliance checks within the CI/CD pipeline.
• Infrastructure as Code (IaC) Security: Securely manage CI infrastructure using IaC principles, ensuring security best practices are implemented from the start.
• Security Tool Integration: Integrate and manage various security tools, including SAST, DAST, SCA, and infrastructure security scanners.
• Incident Response: Participate in security incident response, including investigation, containment, and remediation.
• Compliance and Auditing: Assist with compliance audits (e.g., SOC 2, PCI DSS, HIPAA) by providing evidence and automating compliance checks.
• Security Training and Awareness: Promote security awareness and provide training to development and operations teams.
• Security Monitoring: Implement and maintain security monitoring solutions to detect and respond to security threats.
• Continuous Improvement: Continuously improve security practices and automation, keeping up with the latest security threats and technologies.
• Collaboration: Collaborate effectively with development, operations, and security teams to achieve shared goals.
• Documentation: Create and maintain clear and concise documentation for security procedures and best practices.
• Stay up-to-date: Continuously learn about the latest security trends, tools, and techniques.

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 5+ years of experience in a DevSecOps or related role.
• Strong understanding of CI/CD pipelines and DevOps principles.
• Experience with containerization tools such as Docker and Podman.
• Experience with scripting languages such as Python, Bash, or Go.
• Experience with security tools such as SAST, DAST, SCA, and vulnerability scanners.
• Experience with containerization technologies such as Docker and Kubernetes.
• Solid understanding of security principles and best practices.
• Strong analytical and problem-solving skills.
• Excellent communication and collaboration skills.

• Security certifications such as Security+, CSSLP, CISSP, CISM, or CEH.
• Experience with GitLab CI and GitLab Runners.
• Experience with security automation tools such as Ansible or Chef.
• Experience with Infrastructure as Code tools such as Terraform or CloudFormation.
• Experience with cloud platforms such as AWS, Azure, or GCP.
• Experience with security monitoring tools such as SIEM or IDS/IPS.
• Experience with compliance frameworks such as SOC 2, PCI DSS, or HIPAA.
• Experience with container orchestration software such as Kubernetes.
• Experience with threat modeling methodologies.
• Contributions to open-source security projects.

• Must possess an active DoD Top Secret Clearance with SCI and SAP eligibility.

• 
  
  
  
  Interesting Work:
  
  
  
  Our co-workers support some of the most important and critical programs to our national defense and security.
  
  
• 
  
  
  
  Values:
  
  
  
  Our first core value is that employees come first. We challenge our co-workers to provide the highest level of support and service, and reward them with some of the best benefits in the industry.
  
  
• 
  
  
  
  100% Employee Owned:
  
  
  
  We have a stake in each other's success, and the success of our customers. It's also nice to know what's going on across the company; we have company wide town-hall meetings three times a year.
  
  
• 
  
  
  
  Great Benefits - Most Full-Time Staff Are Eligible for:
  
  
  




• 
  Starting PTO accrual of 20 days PTO/year + 10 holidays/year
  
• 
  Flexible schedules
  
• 
  6% 401k match with immediate vesting up to $9k annually
  
• 
  Semi-annual bonus eligibility (July and December)
  
• 
  Company funded Employee Stock Ownership Plan (ESOP) - a separate qualified retirement account
  
• 
  Up to $10,000 in annual educational reimbursement
  
• 
  Other company funded benefits, like life and disability insurance
  
• 
  Optional zero deductible Blue Cross/Blue Shield health insurance plan
  




• 
  
  
  
  Track Record of Success:
  
  
  
  We have grown every year since our founding in 1993.
  
  

Modern Technology Solutions, Inc. (MTSI) is a 100% employee-owned engineering services and solutions company that provides high-demand technical expertise in Digital Transformation, Modeling and Simulation, Rapid Capability Development, Test and Evaluation, Artificial Intelligence, Autonomy, Cybersecurity and Mission Assurance

MTSI delivers capabilities to solve problems of global importance. Founded in 1993, MTSI today has employees at over 20 offices and field sites worldwide.

For more information about MTSI, please visit www.mtsi-va.com