About the Role: The CI/CD and Infrastructure as Code (IaC) Implementation Specialist will play a key role in advancing technology and security posture by supporting the adoption of modern software development lifecycle practices. This position is crucial to ensuring compliance with the Office of Management and Budget (OMB) Memorandum M-22-09, which emphasizes the importance of employing immutable workloads, particularly in cloud-based infrastructure. The successful candidate will research industry best practices, draft agency-specific policies and standards, provide targeted training, and track the adoption of CI/CD and IaC practices.
Role Description:
Research and Analysis:
- Conduct thorough research on industry best practices related to Continuous Integration/Continuous Deployment (CI/CD) and Infrastructure as Code (IaC).
- Analyze how these practices can be effectively applied within cloud and on-premises environments to support the creation of reliable, predictable, and scalable applications based on immutable workloads.
Policy and Standards Development:
- Draft comprehensive Agency policies, guidance, and standards that align with the Cybersecurity and Infrastructure Security Agency (CISA)’s Cloud Security Technical Reference Architecture.
- Ensure that the developed policies and standards facilitate the use of CI/CD and IaC in all environments where custom code is developed.
Training and Knowledge Transfer:
- Design and deliver targeted training programs for developers, both internal and external, focusing on the use and benefits of CI/CD and IaC.
- Create educational materials and resources to support the adoption and integration of these practices into the software development lifecycle.
Adoption Tracking and Reporting:
- Monitor and track the adoption of CI/CD and IaC practices across applicable systems.
- Develop and maintain metrics and reports that demonstrate the progress and effectiveness of CI/CD and IaC implementation within the agency.
Required Qualifications & Education:
- Bachelor’s degree.
- Minimum of 8 years of experience in software development, DevOps, or IT infrastructure, with a strong focus on CI/CD pipelines and Infrastructure as Code.
- Proven experience in drafting and implementing policies, standards, and best practices in an enterprise environment.
- Deep understanding of CI/CD tools such as Jenkins, GitLab CI, or CircleCI, and IaC tools like Terraform, AWS CloudFormation, or Ansible.
- Strong knowledge of cloud platforms (AWS, Azure, Google Cloud) and their respective CI/CD and IaC capabilities.
- Familiarity with immutable infrastructure concepts and containerization technologies like Docker and Kubernetes.
Desired Qualifications:
- A master’s degree is preferred.
- Relevant certifications such as AWS Certified DevOps Engineer or similar are highly desirable.
Clearance Requirements:
- Must successfully qualify for a Public Trust Clearance.
About NR Labs
At NR Labs, our passion is to solve the hard problems that keep security leaders up at night in a way that caters to their unique technical, financial, political, and business posture. Our company empowers every organization to achieve its cyber potential. NR Labs focuses on cybersecurity for public and private sector clients and is dedicated to solving their most complex cyber challenges. If you are curious in learning more about NR Labs, please visit our website at nrlabs.com.
