Engineering and CI/CD Automation
Design, implement, maintain, and optimize enterprise CI/CD pipelines supporting software development and deployment activities.
Develop automated workflows for code integration, testing, security validation, packaging, release management, and deployment.
Administer and support CI/CD platforms including:
- Jenkins
- GitLab CI/CD
- GitHub Actions
Support source code management platforms and branching strategies.
Implement deployment automation across development, integration, testing, staging, and production environments.
Monitor pipeline performance and continuously improve delivery efficiency and reliability.
Migrate software builds through development, testing, integration, and production environments.
Monitor deployment activities and remediate deployment failures within established service level agreements.
Infrastructure as Code and Automation
Develop and maintain Infrastructure as Code (IaC) solutions using Terraform.
Implement automated configuration management using Ansible.
Develop reusable infrastructure modules, templates, and automation frameworks.
Automate operational, administrative, and deployment processes.
Support environment standardization and infrastructure modernization initiatives.
Implement automated provisioning and configuration management capabilities across enterprise environments.
Container Platform Engineering
Support containerized application deployments using Docker and Kubernetes platforms.
Administer Rancher-managed Kubernetes environments.
Manage container image lifecycle processes and private container registries.
Implement container security best practices and vulnerability remediation procedures.
Support runtime security monitoring and compliance initiatives.
Assist application teams with container adoption, deployment patterns, and troubleshooting.
Application Security and Integration
Integrate security controls and automated testing throughout the Software Development Lifecycle.
Configure and maintain application security tools including:
- OpenText Fortify (SAST)
- Dynamic Application Security Testing (DAST)
- Software Composition Analysis (SCA)
- Secrets Management and Scanning Tools
Review vulnerability findings and collaborate with development teams to remediate issues.
Implement automated security gates and quality control processes.
Support secure software development initiatives aligned with Federal security requirements.
Promote DevSecOps best practices across development and operations teams.
Vulnerability Management and Compliance
Support vulnerability management activities using Tenable and related security platforms.
Conduct vulnerability assessments, remediation tracking, and risk analysis.
Develop mitigation strategies when vulnerabilities cannot be remediated within required service levels.
Coordinate mitigation approvals with Information System Security Officers (ISSOs).
Implement approved mitigation plans following established change management procedures.
Maintain compliance with:
- FISMA
- NIST 800-53
- NIST Secure Software Development Framework (SSDF)
- NIH and HHS security policies
- Zero Trust Architecture principles
Support audit readiness and compliance reporting activities.
Required Technical Skills
CI/CD and Automation
Jenkins
GitLab CI/CD
GitHub Actions
Git-based Source Control
Release Management
Infrastructure Automation
Terraform
Ansible
Infrastructure as Code (IaC)
Configuration Management
Container Technologies
Docker
Kubernetes
Rancher
Security
OpenText Fortify
SAST
DAST
Software Composition Analysis (SCA)
Secrets Management
Tenable Vulnerability Management
Programming and Scripting
Python
JavaScript / TypeScript
Java
C#
PHP
REST APIs
Enterprise Platforms
Windows Server
Red Hat Enterprise Linux (RHEL)
Microsoft SQL Server
Oracle Database