We are seeking a skilled and experienced DevSecOps Engineer to join our team in modernizing a portfolio of .NET and Python applications by leveraging Azure Cloud services. This role is critical for ensuring that applications are scalable, secure, and performant. The successful candidate will be responsible for integrating DevSecOps practices throughout the development lifecycle, maintaining robust security measures, and supporting continuous integration and deployment processes.
This position is hybrid (On-Site 2 days a week in Bethesda, MD).
Responsibilities:
Embed security at every stage of the application development lifecycle to meet the security requirements of the NIH Risk Management Framework.Develop and maintain continuous integration and continuous deployment (CI/CD) pipelines for iterative progress.Automate security checks and processes to ensure secure, high-quality, and efficient application deployments.Support NIH Security Assessments for all applications, providing artifacts and participating in security interviews.Leverage Azure Cloud services such as Azure App Services, Azure Functions, Azure Kubernetes Service (AKS), Azure SQL Database, and Azure Cosmos DB for application modernization.Ensure that cloud infrastructure is secure, scalable, and performant.Conduct thorough assessments and analyses of existing .NET and Python applications.Collaborate with stakeholders to gather detailed requirements and establish clear security objectives.Incorporate applicable NIST SP 800-53 controls into secure coding standards and best practices.Design scalable, secure, and high-performance applications.Assist in consolidating and modernizing database infrastructure by migrating from CIT-hosted Oracle databases and IRMB-hosted SQL databases to Azure SQL Database.Ensure database schemas are designed efficiently and securely.Maintain existing databases and create recurring data management jobs.Enhance data visualization capabilities using tools such as Tableau, Power BI, and Business Objects.Ensure seamless integration and continuous interaction with NIH data sources.Quality Assurance and Testing:Develop and execute comprehensive test plans, including automated test solutions.Continuously monitor and test applications to ensure functionality, reliability, and security.Generate detailed test reports and address identified defects promptly.Participate in Scrum Agile methodologies, including regular sprint planning, daily stand-ups, sprint reviews, and retrospectives.Foster a culture of continuous improvement, iterative development, and frequent feedback loops.
Qualifications:
Bachelor’s degree in Computer Science, Information Technology, or a related field.Proven experience as a DevSecOps Engineer or in a similar role.Strong knowledge of Azure Cloud services, including Azure App Services, Azure Functions, AKS, Azure SQL Database, and Azure Cosmos DB.Proficiency in CI/CD tools and automation frameworks.Experience with secure coding practices and implementing security controls (e.g., NIST SP 800-53).Familiarity with data visualization tools such as Tableau, Power BI, and Business Objects.Strong understanding of Agile methodologies and practices.Excellent problem-solving skills and attention to detail.Strong communication and collaboration skills.
Preferred Qualifications:
Master’s degree in Computer Science, Information Technology, or a related field.Certification in Azure, DevOps, or related areas.Previous experience in a similar role within a healthcare or research organization.Familiarity with NIH/HHS/NIST security requirements.Apply for this job
