Responsibilities
Kforce has a client that is seeking a DevSecOps in New York, NY. Essential Functions:
- Advocates for the application teams Cybersecurity, DevSecOps, and Agile engineering procedures, quality engineering practices and advanced requirement capturing techniques for improving end-to-end secure delivery practices
- Design and implement strategies for collaboration, code, infrastructure, source control, security, compliance, continuous integration, testing, delivery, monitoring, and feedback
- Manage GitHub Enterprise Pipelines with a heavy emphasis on custom flows and actions as well as Azure DevOps projects (minor); This will include implementing automation tools and frameworks for CI/CD pipelines
- Responsible for day-to-day collaboration with the different application/asset teams to ensure successful implementation of secure coding practices, and integration of secure application and design processes across the company; Supports the Secure Systems Development Lifecycle (SSDLC), including functional and non-functional cybersecurity requirements
- Monitor systems, identify performance bottlenecks, and implement solutions in a proactive manner
- Works with the application Infrastructure architect to complete security/infrastructure questionnaires
- Develop and maintain design and troubleshooting documentation
- Provide training and support to internal teams, peers, and stakeholders
- Plan DR measures and maintain data storage security in Azure
- Acts as the DevOps Champion for the application/cyber/Portfolio teams
Requirements
- Minimum of 6 years of combined experience in DevOps/DevSecOps engineering, and Software Engineering
- Background in Kubernetes (AKS) and Linux is a requirement
- Expertise in Azure cloud services is a requirement (must be a senior)
- Understanding of network architectures and services (e.g., VPN, routing, firewall, NSGs, etc.)
- Knowledge of Source Code Management concepts (e.g., code lines, branching, merging, integration, versioning); Proficiency in using Git for version control is a must
- Ability to translate traditional SDLC approach (plan, code, build, test, release, deploy and monitor) to the phases of agile development when writing software to automate security related tasks
- Azure certifications (e.g., Azure DevOps engineer expert and Azure Administrator Associate) is a plus
- Knowledge of CI/CD Pipeline creation in Azure DevOps is a plus
The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking “Apply Today” you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.