Job Description
Dark Wolf is looking for a Mid-Level DevSecOps SME / Information System Security Engineer (ISSE) to join a collaborative, dynamic team in a fast-paced, innovative mission environment. This position will work hand-in-hand with the customer team as well as external satellite software development contractors. The successful candidate will have a strong understanding of information security principles, as well as experience in software development, security engineering, risk management, and compliance. The specialist must be able to analyze complex technical issues and develop effective technical solutions. This role can be supported at a hybrid capacity in Colorado Springs, CO or Herndon, VA. Responsibilities include but are not limited to:
- Conducting technical evaluations of information systems design, containerized applications, and cloud architectures (AWS or GCP), and information security aspects and accreditation.
- Performing vulnerability assessments using automated software, pipeline, and container scanning tools including SonarQube, Snyk, NeuVector, and OWASP ZAP.
- Reviewing requests for software installation and conduct technical risk assessments on software implementation, specifically within Kubernetes clustered environments.
- Coordinating and tracking security action requests and report status to senior managers, leveraging GitOps workflows and automation tooling like ArgoCD and GitLab CI/CD.
- Analyzing, modifying when necessary, and maintaining the client’s certification to field security approvals (continuous ATO) by implementing DISA STIGs through automated Ansible Playbooks and hardened Dockerfiles.
- Conducting and analyzing auditing requirements continuously, implementing and monitoring logging, metrics, and tracing stacks via Grafana, Loki, Prometheus, Tempo, and Alloy.
- Enforcing zero-trust network architectures and traffic management within containerized environments using Istio or similar service meshes.
Required Qualifications:
- 5+ years of experience in IT security, information assurance, or DevSecOps engineering
- Background in secure software development with a proficiency in a scripting or programming language (e.g., Python, Golang) with an emphasis on automation and a foundational knowledge of how to interact with REST APIs
- Experience and enjoyment in working directly with customers to improve cyber security posture
- Experience authoring and maintaining systems security documentation and hardening configurations for modern cloud environments
- Experience in generating appropriate security documentation to receive proper authorization from customer security personnel, and correcting security shortfalls as they are identified through customer-sponsored reviews
- Strong understanding of Kubernetes Administration and a deep foundational knowledge of containerization (Docker and similar technologies)
- Understanding of the cyber environment and threats of our cyber adversaries, specifically regarding cloud and supply-chain vulnerabilities
- Possesses strong technical skills and analytic ability
- Bachelor’s Degree in Computer Science, Cyber Security, or a related technical field
- IAT Lvl 2 certification (e.g., Security+)
- US Citizenship and active TS/SCI clearance
Desired Qualifications:
- Previous experience as an ISSE / ISSM in a DoD or federal environment
- Relevant technical certifications such as Certified Kubernetes Administrator (CKA), Certified Kubernetes Security Specialist (CKS), or cloud-specific professional DevOps/Security certifications
The estimated salary range for this position is $130,000.00 - $140.000.00, commensurate on experience and technical interview.
This position will be hybrid on-site based out of Herndon, VA or Colorado Springs, Colorado.
We are strictly looking for direct, full-time W2 employees. We do not engage with third-party staffing agencies, C2C, or 1099 independent contractors for this role.
We are proud to be an EEO/AA employer Minorities/Women/Veterans/Disabled and other protected categories.
In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.
