DevSecOps Engineer Security Clearance

Position: DevSecOps Engineer with Security Clearance
Description We are seeking a skilled and motivated Mid-Level Infrastructure Engineer with a strong background in Windows environments, Infrastructure as Code (IaC), and configuration management to join our team. The ideal candidate will concentrate on modernizing, upgrading, and managing Windows Server infrastructure, with a primary focus on implementing and maintaining Active Directory (AD) and Domain Controller (DC) environments. A key responsibility includes leveraging IaC and automation tools for server provisioning, patching, and configuration, while ensuring the seamless integration of Active Directory with Keycloak and implementing industry best practices and security compliance.

The Dev Sec Ops  Engineer will play a pivotal role in maintaining preexisting IL5 environments through production and will collaborate with cross-functional teams, including developers, system administrators, and cybersecurity professionals, to deploy secure, resilient, and scalable infrastructure, applications, and pipelines. This role requires hands-on experience with modern Dev Sec Ops  tools, platforms, and methodologies, including but not limited to Git Lab, Flux, Kubernetes, CI/CD pipelines, Zero Trust, Active Directory, and Single Sign On tools.

Key Responsibilities
• Deploy, configure, maintain, and troubleshoot Active Directory (AD) and Domain Controller (DC) environments in a hybrid or on-premise Windows environment.

• Maintain the integrity and security of AD forests, domains, and trusted environments.

• Harden Active Directory and Domain Controller configurations following DoD STIG compliance and industry best practices.

• Manage Group Policy Objects (GPOs) and enforce security policies using tailored configurations.

• Ensure monitoring, logging, and auditing capabilities are in place to track AD/Domain Controller performance and security.

• Ensure security best practices, including Role-Based Access Control (RBAC), namespace isolation, and secure ingress/egress traffic configurations.

• Create AWS AMI for Windows Servers using Packer, Ansible, and powershell.
• Work within a secure, air-gapped IL5 environment and implement robust processes to ensure compliance with DoD or other regulatory frameworks.

• Implement and ensure the security and availability of Windows and Linux systems, including patch management, vulnerability assessments, and compliance with organizational policies.

• Automate recurring tasks using scripting tools like Power Shell, Ansible, Python, Bash or Powershell to improve operational efficiency.

• Troubleshoot issues within Windows (file systems, network connectivity, performance, and authentication).

• Plan and execute upgrades, migrations, and installations for both Windows and Linux systems.

• Collaborate with cross-functional teams to ensure systems integration and operational effectiveness.

• Develop and deliver technical documentation, including CI/CD pipeline configurations, workflow processes, and build instructions.

Position Overview Qualifications

Required Skills and Qualifications:

• Technical Education/Clearance.

• Must have BS Degree with (6) six years of experience.

• Security+ Certification.
• Must an active Secret Clearance. Technical Expertise:
• Strong knowledge of Active Directory architecture, including replication, forests, and domains.

• Proficiency with Windows Server administration, roles, and features.

• Comprehensive Understanding with security frameworks, such as NIST or ISO, and their application in AD/DC environments.

• Experience in integrating authentication/SSO identity solutions including but not limited to Keycloak, Active Directory, SAML integration with SSO in tools, RBAC best practices within AD.

• Proficiency with Git Lab CI/CD and Git-based workflows to version control and orchestrate pipelines.

• Knowledge and experience working in secure environments, specifically Impact Level 6 (IL6) or similarly controlled environments, with a strong understanding of DoD or equivalent compliance frameworks.

• Proficiency in tools for security automation:

• Image Scanning Tools (e.g., Anchore).

• Static Code Analysis Tools (e.g., Sonar Qube).

• Software Signing Tools (e.g.,…