- Role type
Ricardo Defense is seeking a DevSecOps Engineer to automate processes and embed security within the software development pipeline. This DevSecOps Engineer will integrate several types of tools, e.g. source code repositories, build tools, security analysis tools, issue management, and developer environments. Additional responsibilities for this DevSecOps Engineer will include gaining knowledge on application security evaluating software security, and sharing application security best practices with development teams.
Essential Duties and Responsibilities:
- Integrate tools within the software pipeline to include Build tools (Jenkins/Gitlab), Issue Management (Jira), Source Code Management (Bitbucket/Git/SourceTree), SAST (Fortify/Synopsys/OWASP Dependency Checker), Development Environment (VS Code/Visual Studio)
- Containerize applications with Docker
- Conduct Static Analysis Security Testing (SAST) and Dynamic Analysis Security Testing (DAST)
- Collaborate with software development team to customize software pipeline configuration settings, e.g. build pass/fail criteria, build triggers, open-source dependency vulnerability notifications, build reports, etc.
- Creating repeatable processes that eliminate or minimize human input
- Proficient with Python and command line scripting
Preference Given for Those Who
- Have background in a variety of software development roles, e.g. developer, tester, application security, etc
- Possess DevOps or DevSecOps certification
- Possess software security certification to include (in alphabetic order): CASP+, CEH, CISSP, OSCP, Security+
- Are familiar with DISA STIGs and OWASP Secure Coding Practices
- A bachelor’s degree from an accredited college or university in an applicable field of study
- Minimum of 4 years in DevOps, DevSecOps, or SW development role
- Ability to obtain a Common Access Card, Government Security Clearance and maintain a clearance
Ricardo Defense offers an impressive compensation and benefits package including:
- Medical, Dental & Vision Benefits
- Company Paid Life and AD&D
- Company Paid Short Term and Long-Term Disability
- Flexible Spending & HSA Accounts
- 401k with Company Match
- Paid holidays, vacation and sick days
Ricardo Defense is a wholly-owned subsidiary of Ricardo Inc. established as a separate limited liability company in 2015 and structured under a Defense Security Service ‘Special Security Agreement’. Ricardo Defense provides engineering, technology, product innovation, sustainment, and field support services for our customers in the defense industry. We are committed to providing outstanding value through quality engineering solutions focused on class-leading product innovation and robust strategic implementation. We are guided by our corporate values of respect, integrity, creativity & innovation and passion. Ricardo, Inc. is the US subsidiary of Ricardo plc. For more information, visit www.ricardo.com.
Ricardo Defense is an Equal Opportunity/Affirmative Action employer. All qualified applicants will be considered without regard to race, color, religion, national origin, sex (including gender identity or gender expression), age, mental or physical disability, creed, ancestry, citizenship, veteran status, marital status, sexual orientation, medical condition, genetic trait or any other characteristic protected by federal, state or local law.