Senior DevSecOps Engineer

Posted Aug 3

Softrams is one of the fastest growing digital services firms in the Washington Metropolitan regions crafting human-centered solutions and empowering digital services with a focus on HX, AI, cloud, DevOps and cyber security. Our offices are located in Leesburg VA, Baltimore MD, and Plano TX, and our teams are spread across the U.S. 

Recognized as a Top Workplace USA (2024)

Recognized as one of the Top Workplaces in Technology (2023, 2021) 

INC 5000, Fastest growing companies in America (2023, 2022) 

Washington Business Journal Top 75 Fastest Growing Companies in Greater Washington area 

2020 NXT UP - Top Federal Emerging Technology and consulting firms 

2020 Inaugural DC Metro’s Most Successful Companies 

2020 Washington Technology Fast 50 

NVTC Tech 100 (2020, 2019) 

Job Description:  

Softrams is seeking a seasoned Sr. DevSecOps Engineer to drive critical infrastructure changes through Infrastructure as Code (IaC) while ensuring the security of high-profile applications. The ideal candidate will have extensive experience with provisioning, updating, and removing resources or environments, writing, updating, and running Terraform code, managing database updates, and resizing resources based on load and performance metrics. Responsibilities include configuring roles and policies, managing internal and external cross-account access, maintaining and building networks, and managing DNS or resource property updates. Additionally, the role involves managing certificate requests, automated rotations, and audits. The Sr. DevSecOps Engineer will also monitor application performance, integrate monitoring tools with other services, create or update dashboards, alerts, and policies, and respond to infrastructure-related incidents. Expertise in CI/CD processes and the ability to troubleshoot job issues are essential. This role will be responsible for managing key infrastructure in the healthcare sector. 

Federal Requirements:

  • Ability to obtain a U.S. Federal Position of Trust clearance designation. 
  • Must reside in and be able to perform work in the United States. 
  • Must have lived in the United States for 3 of the last 5 years. 

Qualifications:

  • Experience with the following tools:  
  • AWS IAM 
  • AWS Fargate 
  • AWS RDS 
  • AWS ALB 
  • AWS SSM 
  • Cert Mgr 
  • Security Hub, etc 
  • Terraform 
  • CB Core 
  • Akamai 
  • New Relic 
  • Splunk 
  • Logstarkly 
  • Sonarqube 
  • Snyk 
  • Datadog 
  • Akamai Gateway 

Technology Requirements:

  • Infrastructure and networking (AWS and otherwise): 
  1. Provisioning, updating, removing AWS resources or environments 
  2. Writing, updating and running Terraform code 
  3. RDS database updates (version patches, maintenance) 
  4. Sizing up/down existing resources based on load and performance 
  5. IAM roles and policies used internally, external cross account role access for data sharing (incoming/outgoing) 
  6. Maintenance and building of networks utilizing VPC, Security Groups, Cisco VPN and Peering. 
  7. Working with Akamai on DNS or resource property updates 
  • Security Tooling / Skillset: 
  1. OWASP ZAP 
  2. Burp Suite 
  3. Snyk 
  4. Penetration Testing 
  5. Security Impact Analysis 
  • Certificate Management: 
  1. New certificate requests, renewing expiring certificates through automated rotation, and certificate auditing. 
  • Monitoring Application Experience: 
  1. Configuring integration between New Relic and other services (AWS, Splunk On-Call, Slack, etc) 
  2. Creating or updating dashboards, alerts, synthetics, policies 
  3. Troubleshooting problems and responding to incidents when infrastructure is involved 
  • CI/CD: 
  1. Creating and updating jobs in CBCore Jenkins 
  2. Troubleshooting problems when jobs are not successful 

Responsibilities:

  • Extensive experience with Infrastructure as Code (IaC) with proficiency in writing, updating, and running Terraform code 
  • Strong understanding of AWS and other cloud providers for provisioning, updating, and removing cloud resources or environments 
  • Proficiency in managing RDS database updates, including version patches and maintenance 
  • Ability to size up/down resources based on load and performance 
  • Experience configuring and managing IAM roles and policies 
  • Knowledge of internal and external cross-account role access for data sharing 
  • Expertise in maintaining and building networks utilizing VPC, Security Groups, VPN, and Peering 
  • Working with DNS and resource property updates 
  • Managing new certificate requests, renewing expiring certificates through automated rotation, and certificate auditing 
  • Configuring integration between monitoring tools (e.g., New Relic) and other services 
  • Creating or updating dashboards, alerts, synthetics, and policies 
  • Proficiency in troubleshooting infrastructure-related problems and responding to incidents 
  • Experience creating and updating jobs in Jenkins or equivalent CI/CD tools 
  • Troubleshooting CI/CD job failures and ensuring successful deployments 
  • Strong analytical and problem-solving skills 
  • Excellent communication and collaboration skills 
  • Relevant certifications (preferred) such as AWS Certified Solutions Architect, Certified Kubernetes Security Specialist (CKS), Terraform Certification, or equivalent 

Benefits and Perks

  • 65%-75% company-sponsored (including dependents) premiums towards medical, dental and vision insurance. 100% employer sponsored STD, LTD and life insurance (min $100K). Voluntary life insurance option available. 
  • Retirement 401(k) plan with employer matching. Immediate vesting. 
  • Maternity and parental leave. 
  • Vacation and sick leave. 
  • Discretionary bonuses, spot awards, gifts, and tenure-based rewards. 
  • Company-sponsored role-based training and certifications.  
  • Monthly DoordashDashPass subscription. 
  • Group discounts via LifeMart ADP 

Public Trust Clearance:

This role requires the hired candidate to go through public trust clearance. A minimum of 3 years of stay in the U.S. within the last 5 years is required to be eligible to qualify for public trust clearance sponsorship. 

Work Location:

We have open-collaboration offices in Leesburg VA and Baltimore MD for those who may prefer to work on-site. However, Softrams is a 100% remote-first team environment. Softrams works in the eastern time zone and standard work hours are 9am ET to 5pm ET with flexibility around start and end times based on team needs.

About Softrams:

Softrams is a Maryland and Virginia-based small business information technology, consulting, and solutions provider specializing in emerging technologies for UX/UI, mobile apps, DevOps, big data analytics, data science, and cyber security. We offer innovative technology implementations and build customer-centric services that are simple, intuitive, scalable, efficient and usable. 

EEO Statement:

Softrams, LLC. is an affirmative action and equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, veteran status, or genetic information. Softrams is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation, or to participate in the job application or interview process, contact the Talent Acquisition Team at recruiting@softrams.com