DevSecOps Engineer
Not Disclosed•Full-TimeOn-site
location_on1420, 11th Street, Cheatom Park, Des Moines, Polk County, Iowa, 50314, United States
About the Role
This position within Maximus TCS (Technology and Consulting Services) serves as a critical nexus for Development, Security, and Operations (DevSecOps). The role is designed to fortify network infrastructure and security operational processes through advanced automation and rigorous compliance efforts. You will be responsible for managing incident response, vulnerability scanning, and penetration testing while ensuring the integrity of deployment tools and processes.
The day-to-day involves designing and implementing solutions for network or security operational issues, conducting root cause analysis using monitoring tools, and maintaining operations runbooks to prevent recurring incidents. You will set up and monitor proxy servers, systems, and firewalls, while also managing end-user and administration access controls. A key part of the mission is to research technology trends in cloud site reliability engineering and recommend automation improvements to replace manual tasks, leveraging scripting languages and open-source solutions to enhance security frameworks.
Hiring Process
Candidates requiring assistance during any phase of the employment process, including accessing job postings, completing assessments, or participating in interviews, due to a disability, medical condition, or physical or mental impairment, should contact People Operations at applicantaccom@maximus.com for reasonable accommodations.
Equal Opportunity & Culture
Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information, and other legally protected characteristics. Our commitment to diversity ensures a workplace where all individuals are valued and have the opportunity to contribute to our mission.
Compensation & Benefits
Maximus compensation is based on various factors including job location, a candidate's education, training, experience, expected quality and quantity of work, required travel, external market and internal value analysis, seniority, and merit systems. Annual salary is just one component of Maximus's total compensation package. Other rewards may include short- and long-term incentives as well as program-specific awards. Additionally, Maximus provides a variety of benefits to employees, including health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays, and paid time off. Compensation ranges may differ based on contract value but will be commensurate with job duties and relevant work experience. An applicant's salary history will not be used in determining compensation. Maximus will comply with regulatory minimum wage rates and exempt salary thresholds in all instances.
Work location
Work model: On-site
1420, 11th Street, Cheatom Park, Des Moines, Polk County, Iowa, 50314, United States
Des Moines, Iowa
Key Responsibilities
- check_circleConduct penetration testing and security code reviews
- check_circleManage end-user and administration access for access control
- check_circlePerform network and security analysis using monitoring tools and system analytics
- check_circleCoordinate remediation patching and compliance efforts
- check_circleSet up and maintain proxy servers, systems, and firewalls
- check_circleUpdate security procedures and maintain operations runbooks
- check_circleResearch technology trends for cloud site reliability engineering
- check_circleDesign and implement automated security testing tools and frameworks
Requirements
- verifiedBS in Computer Science, IT, or related field
- verified10 years experience or multiple IT certifications
- verified8 years work-related experience
- verifiedActive Top Secret with SCI eligibility
- verifiedSecurity+ or DoD 8570 IAT-II certification
Nice to Have
Certified Kubernetes Application Developer (CKAD), Red Hat Certified Engineer (RHCE), Certified Jenkins Engineer (CJE), AWS Certified DevOps Engineer, Certified Kubernetes Engineer (CKA), GitLab Certified DevOps Professional, or similar certifications. Familiarity with technical aspects for IT and IAT-Level II Certifications. Experience with CI/CD pipelines, infrastructure as code, and containerization technologies. Expertise in cloud platforms, automation tools, scripting languages, and security testing tools. Understanding of AWS, Azure, or GCP and their security services. Understanding of USAF IT systems, networks, and platforms. Experience with Jenkins, GitLab CI, Azure DevOps, or similar tools for automating the build, test, and deployment process. Proficiency with tools like Terraform, Ansible, or CloudFormation to automate infrastructure provisioning and configuration. Familiarity with Docker, Kubernetes, and related technologies. Proficiency in scripting languages like Python, Bash, or PowerShell to automate security tasks and workflows. Experience with static analysis (SAST), dynamic analysis (DAST), and software composition analysis (SCA) tools, as well as vulnerability scanners. Solid understanding of network security principles, including firewalls, intrusion detection/prevention systems, and network segmentation. Familiarity with SIEM solutions (like Splunk or ELK) and log aggregation tools for security monitoring. Familiarity with Identity and Access Management (IAM) and Zero Trust (ZT) security models.
Benefits & Perks
check_circleHealth insurance coveragecheck_circleLife and disability insurancecheck_circleRetirement savings plancheck_circlePaid holidays and paid time offcheck_circleShort- and long-term incentives