DevSecOps Engineer

Overview

Naval Information Warfare Center, Pacific (NIWC Pacific) is looking for a self-directed and motivated individual to join our team as DevSecOps in support of the MQ-25A Stingray unmanned aerial tanker program. Primary work location is at Naval Information Warfare Center Pacific in San Diego, CA with additional ability to perform some aspects of the position remotely. This position requires a DoD Secret clearance and approximately quarterly travel to sponsor labs and aircraft vendor sites. The MQ-25A Stingray is the Navy’s new unmanned drone with a primary mission of aerial refueling and a secondary capability to provide Intelligence, Surveillance, and Reconnaissance (ISR) all while being launched and recovered from an aircraft carrier.

In this position you will provide engineering and software development support to Naval Information Warfare Center Pacific (NIWC Pacific) Code 551 fulfilling PMA-268 Unmanned Carrier Aviation (UCA) requirements, focusing on CI/CD infrastructure, maintenance, troubleshooting, and hardware support for the Advanced Networking Tactical System (ANTS) Operational Support System (OSS) network management software, which is hosted in the ANTS wideband network transport system onboard the MQ-25A aircraft. As an ANTS OSS DevSecOps Engineer, you’ll be part of a small team focused on developing and maintaining the infrastructure that aids software engineers in the execution of full life-cycle software development. One primary goal will be to apply your knowledge of DevSecOps to implement robust continuous integration and delivery (CI/CD) pipelines; integrated with automated testing, and vulnerability & quality scanning capabilities. By joining a cross-functional and collaborative team, you will be responsible for both modernizing current services and applications to deploying and integrating new technologies.

Below lists the primary duties and responsibilities for this position, minimum required skills, and additional requested qualifications and experience. 

Must be in or Willing to Relocate to San Diego, CA. Relocation assistance is available for qualified candidates.

Responsibilities

Design, develop, and improve the automation pipeline and integrated deployment processes to aid in software build and releases activities

• Perform technical support for the OSS team and assists in satisfaction of the customer security directives and requirements ensuring that systems are safe and secure against cybersecurity threats
• Manage software dependencies including evaluation, acquisition & licensing, integration, and maintenance for software used by developers to deliver capabilities to the customer
• Assist software teams with server upgrades/patches, database support, and setup of virtual environments. Supports operating system, infrastructure, and platform hardening
• Create security and maintenance patches for ANTS OSS application
  • Retrieve Red Hat Enterprise Linux updates and tailor rpm packages for NMS application
  • Retrieve and install vendor firmware updates for ANTS system hardware components
  • Develop and execute regression test scripts to verify system functionality
• Publish security and maintenance patches to ANTS Artifactory system binaries repository in accordance with ANTS configuration management and control processes
• Prepare and present reports on software patch status to OSS Lead/Product Owner, external stakeholders and sponsors during Sprint Reviews
• Work with system software testers to update manual and automated system test scripts as needed for each patch and collect system test metrics
• Diagnose and debug faults with Red Hat Enterprise Linux operating system and system hardware components
• Build and maintain Assured Compliance Assessment Solution (ACAS)/Nessus servers for scanning ANTS OSS and laboratory infrastructure
• Perform Assured Compliance Assessment Solution (ACAS) and Security Content Automation Protocol (SCAP) scans of the ANTS OSS and remediate findings
• Perform analysis of Security Technical Implementation Guide (STIG) checklists for system software and remediate findings

Education/Qualifications

• Active DoD Secret clearance 
• Experience with DevSecOps tools and techniques
• Extensive Linux experience with servers and workstations.
  • Ability to easily navigate the CLI, knowledgeable with typical Linux troubleshooting tools, and have a broad understanding of Linux internals and debugging techniques
• Proficiency with at least one scripting language, preferably Python, with the ability to automate processes
• Familiarity with DevOps tools like Jenkins, JIRA, Confluence, Bitbucket, etc.
• Experience in software development lab infrastructure design, layout, and implementation
• Excellent communication skills with attention to documentation
• CSWF Level II certifications:
  • CompTIA Security (must pass exam)
  • CompTIA Linux (must pass exam or complete training course)
  • Cisco CCNA (must pass exam or complete training course)