Lead Security Developer (Java), #782
Clearance:
Current DHS or DHS component clearance required. CBP clearance preferred.
Dev Technology Group is looking for a strong developer/architect to help implement security solutions across all layers of our infrastructure, though primarily in the application layer, and in the interactions between systems. The ideal candidate will be able to work independently and in coordination with other team members, and like to tackle hard problems and dig deep into an issue to find the solution within the constraints that exist. This is a great opportunity to work on mission-critical systems that bring clear value to the end user and to the customer.
What You'll Be Doing:
- Create, design, develop and implement robust security solutions across all stages of software development and deployment, ensuring secure coding practices and data protection
- Develop security architecture frameworks and policies tailored to a microservices-based environment on AWS
- Propagate solutions across multiple development teams and a variety of applications with different architectural profiles
- Review code scan results across multiple tools (Anchore, WebInspect, DBProtect) and collaborate with Security compliance staff on ways to tune and optimize scans
- Develop and maintain custom tools to integrate code scanning tool outputs with JIRA
- Implement source control integrations and pipeline jobs to provide early security feedback and identify gaps in secure coding practices
- Conduct vulnerability assessments and penetration testing to identify and mitigate potential security vulnerabilities
- Utilize ethical hacking techniques to proactively identify and fix security vulnerabilities within applications and infrastructure
- Advocate and implement security best practices in coding (especially in Java, Python, and Angular), deployment, and operations, providing internal training, development support
- Implement security monitoring and alerting systems to detect and respond to security incidents in real-time
Required Education, Experience, and Skills:
- Bachelor’s degree plus at least 7 years of experience developing in in Java, Python, and Angular
- Demonstrated experience in security protocols (e.g., TLS/SSL, IPsec, OAuth and OpenID Connect, SAML, HTTPS, Key management and Encryption Protocols)
- Understanding of Zero Trust principals, methods and implementation
- Demonstrated experience with a range of AWS services and security features (e.g., IAM, VPC, CloudTrail, and Security)
- Demonstrated experience with microservices architecture and containerization (e.g., Docker, Kubernetes).
- Demonstrated experience implementing security controls and scans into CI/CD pipelines
- Understanding of network security, database management, and hardware security
- Excellent problem-solving skills and attention to detail
- Strong communication skills to convey complex security concepts to non-technical and technical stakeholders
- Demonstrated experience overseeing projects and mentoring team members
- Ability and desire to collaborate with developers, ISSOs, security engineers, architects, anyone engaged in the delivery
Preferred Education, Experience, and Skills:
- Proficiency with ethical hacking tools and methodologies
- A certification such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), and AWS Certified Security – Specialty
- Experience working on a large scale project with multiple teams
- Experience on a federal government project
Who We Are
Dev Technology is a growing IT company with an employee-centric culture that works on mission-critical projects for the federal government. We partner with our federal customers to deliver technology services and solutions, and to drive our client’s missions forward through innovation. We use Agile and DevSecOps principles to provide services including application development, biometrics and identity management, cloud and infrastructure optimization, IT and legacy modernization, and data management. As a Washington Post Top Workplace award winner for the past ELEVEN years in a row, the Top Workplaces USA for the past three years, and a recipient of the Companies As Responsive Employers (CARE) Award for the past four years, Dev Technology employees enjoy:
- Generous and flexible time-off policy
- Flexible work schedules and telework options, including remote work availability for eligible projects
- Career development opportunities including a mentorship program, technical and management training through Dev University, hands-on learning through DevLab, tuition reimbursement, and paid training opportunities
- Industry-leading benefits including a choice of two health plans that include dental and vision, flexible spending account, commuter benefits, life insurance, and more
- 401K matching with immediate vesting and end of year profit sharing
- Regular team and company social events including our annual party, happy hours, fitness challenges, and more
- A focus on community engagement including company wide support activities, employer match for donations, and time off for volunteer efforts
- To learn more about working at Dev Technology visit, Working At Dev Technology Group
Dev Technology Group operates in the following states: AL, AR, AZ, CO, DC, FL, GA, ID, IL, IN, MD, MA, ME, MI, MN, MO, NC, NJ, OR, PA, SC, TN, TX, VA, WV.
EEO/AA/Disability/Vets Employer
SMS Terms and Privacy Notice
Dev Technology Group offers you the option to engage in SMS text conversations about your job application. By participating, you also understand that message frequency may vary depending on the status of your job application, and that message and data rates may apply. Please consult your carrier for further information on applicable rates and fees. Carriers are not liable for delayed or undelivered messages. Reply STOP to cancel and HELP for help. By opting-in to receiving SMS text messages about your job application, you acknowledge and agree that your consent data, mobile number, and personal information will be collected and stored solely for the purpose of providing you with updates and information related to your job application.
No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
