DevSecOps Engineer

Job not on LinkedIn

🕒 March 14

🏛️ District of Columbia – Remote

🏛️ District of Columbia – Remote

💵 $128.5k - $205.6k / year

⏰ Full Time

🟠 Senior

🔴 Lead

⛑ DevOps & Site Reliability Engineer (SRE)

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Icmarc

WebsiteLinkedInAll Job Openings

- employees

💸 Finance

🤝 B2B

Finance • B2B

Icmarc is a retirement services provider focused on public‑sector employers and individual participants. It offers administration and investment management for retirement plans (457(b), 401(a), 401(k), 403(b), retirement health savings and IRAs), along with participant financial education, CFP® advisory services, plan‑sponsor support, consultant access, research, and legislative advocacy. The company positions itself as a partner for plan sponsors, consultants, and participants, providing investment products, professional advice, and educational resources.

📋 Description

• Build relationships with developers, stakeholders, and scrum masters to incorporate security principles into engineering design and application deployments. • Perform security testing and validation of application security controls across projects, ensuring secure design and implementation. • Oversee the implementation of defensive security practices and countermeasures across applications and supporting infrastructure. • Uphold CI/CD security strategy and practices in partnership with other technical team leads, ensuring security is consistently embedded in pipelines. • Demonstrated experience with SAST, SCA, DAST, and IaC scanning tools and methodologies. • Identify vulnerabilities in code through automated and manual assessments and promote efficient remediation. • Apply threat modeling principles to improve design and development practices. • Serve as a point of contact for security-based escalations and remain closely involved in resolution activities. • Build services and tools that enable developers and engineers to easily adopt and use security components produced by the application security team. • Simplify and enhance automation that applies security controls within CI/CD pipelines. • Support shift-left initiatives by incorporating security early and throughout the development lifecycle. • Leverage foundational cloud security architecture knowledge (IAM, containers, baseline hardening).

🎯 Requirements

• Bachelor’s degree (BA/BS) in Finance, Accounting, Business, or a related field, or equivalent professional experience • At least 7+ years’ experience in information technology, information security administration or security operations • Experience with agile workflows, including Scrum and Kanban. • Understanding of containers (e.g., Docker) and container orchestration (e.g., Docker Swarm, Kubernetes) • Understanding of CloudFormation, Terraform, Ansible and Jenkins • Proficient in securing Windows and *nix operating systems, endpoint applications, networking protocols and devices • Proven experience with operations and security across Amazon Web Services (AWS) and Microsoft Azure • Proven experience with GitHub Actions • Hands on experience with WIZ • Hands on experience with application security testing (BURP) • Ability to obtain and maintain technical team and business support influences a collaborative effort to reduce the attack surface while performing rapid, continuous implementation • Capable of scripting in Python, Bash, Perl or PowerShell • Understanding of OWASP, CVSS, the MITRE ATT&CK framework and the software development lifecycle (SLDC)

🏖️ Benefits

• Competitive Total Rewards package, including base pay, incentive programs, benefits, and a 401(k) plan with matching contributions • Flexible and hybrid work schedules to support work-life balance • Tuition reimbursement to support continued education • Professional and career development opportunities, including courses and certifications • Comprehensive wellness programs promoting physical, mental, and emotional health • Volunteerism initiatives to encourage community engagement