DevSecOps Specialist

The department is seeking a DevSecOps Specialist role to administer and ultimately be accountable for the productivity and efficiency of the Iowa HHS CI/CD pipelines. This individual will serve as security engineering resource for agile application development teams of 15-20 project team members, for deployments and as a liaison to the Security Product Owner. This individual will also be responsible for the following:

• Establish Microsoft Azure Pipelines that will facilitate the automated code versioning, testing and deployment of application code, as well as IaC templates, to target environments.
• Utilize Bicep to implement Infrastructure as Code (IaC) for automating the provisioning and configuration of Microsoft Azure resources.
• Providing guidance to developers in the areas of Static Analysis Security Testing (SAST) and Dynamic Analysis Security Testing (DAST).
• Coordinating with enterprise architects and technical leads of existing systems to gain alignment with the modernization roadmap.
• Implementing technical improvements to improve efficiency and repeatability of the SDLC process from development to production.
• Transforming the functional work experience between the development and operations teams by breaking down silos and unifying the delivery process.

A successful candidate for this role is expected to possess the following skills and experience:

• Broad understanding of DevOps tools and technologies (source control, continuous integration, deployment automation and orchestration).
• In-depth knowledge of static code analysis security tools, dynamic testing tools and associated processes.
• Solid understanding of application security principles and security vulnerability mitigation techniques.
• Experience with infrastructure automation tools – including Infrastructure as Code (IaC) and cloud hosting technologies.
• In-depth experience with software development lifecycle methodologies.
• Experience delivering in an agile / iterative delivery environment.
• Ability to collaborate effectively with a wide range of personalities and work styles.
• Ability to break down complex tasks into actionable work items.
• Ability to work independently and communicate effectively.