Responsibilities 

• Stay up to date with latest revisions of NIST RMF revisions and develop/update policy documents as needed 

• Document and implement security of the Continuous Integration (CI) pipelines in GitLab CI/CD using JFrog Artifactory, SonarQube, and Ansible 

• Develop threat models and other required documentation that describe end-to-end security of the SDLC 

• Manage integration, security scanning, and deployment security of multiple applications into orchestrated frameworks 

• Ensure software promotions comply with government security policies at all classification levels 

• Manage AWS (GovCloud) security to maintain integrity of software artifacts 

• Other duties as assigned. 

• Bachelor’s degree in cybersecurity, computer science, engineering, mathematics, or physical sciences 

• At least two years of professional experience building and executing DevOps or DevSecOps solutions using Continuous Integration / Continuous Deployment (CI/CD)

• Demonstrated experience in NIST RMF, CMMC, and STIG compliance 

• Demonstrated experience in applying security best practices to containerized solutions and orchestration frameworks such as Docker, Podman, Kubernetes, etc. 

• Demonstrated cybersecurity protocols are followed in development, test and production environments 

• Knowledgeable with different types of software licenses (Public Domain, LGPL, Permissive, Copy Left, Proprietary)  

• The ability to obtain and maintain a DoD security clearance 

• Ability to work 100% on-site 

• Detail oriented 

• Good verbal and written communication skills 

Candidates who have any of the following skills will be preferred: 

• Demonstrated experience with static and dynamic analysis tools 
• Demonstrated experience with software package artifact management using JFrog Artifactory, Nexus or similar 
• Experience with software vulnerability assessment and remediation using SAST/DAST and tools like Sonarqube 
• Experience with Python3 or C++ 
• Experience with container security tools such as Grype, Syft, Snyk, etc. 
• Systems and service administration in a Linux environment, including the installation and maintenance of applications supporting CI/CD like Gitlab, etc 

*Resumes, Cover Letters, and Applications which are generated by AI will not be considered for employment. 

SciTec offers a highly competitive salary and benefits package, including:

• 4% Safe Harbor 401(k) match
• 100% company paid HSA Medical insurance, with a choice of 2 buy-up options
• 80% company paid Dental insurance
• 100% company paid Vision insurance
• 100% company paid Life insurance
• 100% company paid Long-term Disability insurance
• Short-term Disability insurance
• Annual Profit-Sharing Plan
• Discretionary Performance Bonus
• Paid Parental Leave
• Generous Paid Time Off, including Holiday, Vacation, and Sick Pay
• Flexible work hours

The pay range for this position is $87,000 - $130,000 / year. SciTec considers several factors when extending an offer of employment, including but not limited to the role and associated responsibilities, a candidate's work experience, education/training, and key skills. This is not a guarantee of compensation.

SciTec is proud to be an Equal Opportunity employer. VET/Disabled.