Top Secret Clearance is Required
Department of Homeland Security (DHS), Customs and Border Protection (CBP) Security Operations Center (SOC) is a US Government program responsible to prevent, identify, contain and eradicate cyber threats to CBP networks through monitoring, intrusion detection and protective security services to CBP information systems including local area networks/wide area networks (LAN/WAN), commercial Internet connection, public facing websites, wireless, mobile/cellular, cloud, security devices, servers and workstations.
Job Responsibilities & Requirements:
- Minimum of current Top Secret clearance with ability to obtain TS/SCI Clearance. In addition to specific security clearance requirements all Department of Homeland Security SOC employees are required to obtain an Entry on Duty (EOD) clearance to support this program.
- The Sec/DevOps engineer Jr. will assist with gathering requirements, design, codify, integrate and implement secure solutions that support business functionality as well as the underlying infrastructure required to run and deploy those solutions.
- Apply secure development/coding to include; but not limited to, cloud technology, internet servers, application whitelisting, virtualized containers, web-enabled database applications, network security, security engineering, data integrity, intrusion detection, firewall management, forensic and legal information security, virtual private networks, public key/infrastructure/digital signatures, encryption, network security architecture and DHS Policy.
- Champion security by injecting security concerns into the existing development workflow; build security thinking into every stage of software development.
- Coordinate with teams across the enterprise on the migration of existing IT services to the cloud; identify security technical requirements, potential problems and issues, and participate on agile software development teams.
- Support SOC capabilities by customizing tools and automating processes for SOC and IR analysts
- BS degree Science, Technology, Engineering, Math or related field and 5+ years of prior relevant software engineering or devops experience. Familiarity with software development life cycle models and agile programming methodologies
- The candidate must possess the technical skills and experiences with Cloud Service (AWS,Azure, etc), continuous delivery systems and enhancing SOC operations through automation. The ideal candidate will also have experience leading and mentoring junior members.
- Previous professional experience with performing integrated quality assurance testing for security functionality and resiliency to attacks.
- Previous professional experience with secure programming and identify potential flaws in codes to mitigate vulnerabilities.
- Applies coding and testing standards, security testing tools (including ‘fuzzing’ static-analysis code scanning tools), Identify common coding flaws, threat modeling, and conducts code reviews.
- Perform or support penetration testing as required for new or updated applications.
- Recognize security implications in the software/code acceptance phase, including completion criteria, risk acceptance and documentation, common criteria, and methods of independent testing.
- Participate in network and system design to ensure implementation of appropriate systems security policies, designs and implement systems security and data assurance.
- Take an approach of; plan, code, build, test, release, deploy and monitor when writing software to automate CBP SOC security tasks
- Knowledge of Source Code Management concepts (code lines, branching, merging, integration, versioning, etc.)
- Excellent problem solving, analytical skills and technical troubleshooting skills
- Ability to work with customers/stakeholders, developers, testers, project managers, support staff
- Experience acquiring in-depth understanding of large complex software systems to isolate defects, reproduce defects, assess risk and understand varied customer deployment
Advanced working knowledge of the following:
encryption algorithms, secure communications, network and data communication protocols.
familiar with standard concepts, practices, and procedures within a particular field such as NIST, FISMA and Common Criteria regulations and standards.
Solid Programming skills in the following programing and markup languages:
One or more of the following Certifications:
CEH, CISSP, CSSLP, GPEN, OSCP, AWS Solutions Architect, RHSA, GXPN, GWAPT
Our Company Overview:
Business Computers Management Consulting Group, LLC (BCMC) is a small business specializing in Information Technology (IT), Cybersecurity, Information Assurance (IA), SOA, Big Data Management, Program Management, and more for Federal, State, and Local agencies. We possess highly skilled engineers, providing innovative solutions backed by strong past performances. We are ISO 9001:2015 certified and registered promising highest quality to all of our clients.
Extremely competitive salary
95% employer paid for employee medical, dental, & vison coverages
100% employer paid for employee life, STD & LTD disability coverages
401k with company match and profit sharing
Flexible Spending Account (FSA) for dependent & health care
10 standard holidays & 3 weeks of annual leave