DevSecOps Solutions Architect - 1952441

Mount Indie is in search for aSr. DevSecOps Solutions Architect III. In this role, you'll be designing, implementing, and overseeing the integration of security practices into DevOps processes, providing secure and efficient delivery of software solutions while maintaining cybersecurity standards.

Responsibilities:

• Develop and refine DevSecOps strategies that align with business objectives, development goals, and security requirements.
• Design and implement secure CI/CD pipelines, automation frameworks, and deployment processes.
• Facilitate the integration of security protocols into the SDLC workflow, incorporating activities such as threat modeling, code review, vulnerability scanning, and penetration testing.
• Work across teams to implement security best practices.
• Assess, choose, and incorporate security solutions and technologies to augment the DevSecOps pipeline, including static analysis tools, dynamic analysis tools, and container security platforms.
• Spot potential security weaknesses and vulnerabilities in applications, infrastructure, and processes, working with relevant stakeholders to implement effective mitigations.
• Present suggestions on risk assessment/management, and compliance with industry standards.
• Develop detailed documentation outlining the architecture, security protocols, and processes integrated into the DevSecOps pipeline.

Required Qualifications:

• Active TS/SCI Clearance with CI Poly
• A minimum of 12 years experience in a Solutions Architect role, with a strong focus in DevSecOps.
• Proven experience providing architecture, design, and implementation of DevSecOps solutions at scale, in the cloud, across Impact Levels (IL5 and above) simultaneously.
• In-depth knowledge of DevOps practices, CI/CD pipelines, and automation tools (e.g., Jenkins, GitLab, Artifactory, SonarQube, Selenium).
• Advanced proficiency with infrastructure as code (IaC) tools such as Terraform, CloudFormation, or Ansible.
• Demonstrated experience securing cloud-based applications and services.
• Proficiency in containerization and orchestration technologies (e.g., Docker, Kubernetes, OpenShift, EKS) and securing containerized applications.
• Hands-on experience with security tools for static code analysis, dynamic application security testing (DAST), and vulnerability scanning, using tools such as Fortify, Acunetix, and Prisma Cloud.
• Proven experience with scripting languages (e.g., Python, Bash) for automation and tool integration.
• Understanding of security frameworks (e.g., OWASP, NIST).
• Strong problem-solving skills and the ability to work effectively in a fast-paced, collaborative environment.
• Excellent communication skills, both written and verbal, with the ability to convey complex security concepts to technical and non-technical stakeholders
• Cloud certifications such as AWS Solutions Architect Associate/Professional, AWS SysOps Administrator, AWS Developer, or AWS DevOps Engineer
• Certifications meeting IAT II preferred.