Student Veterans of America Jobs

Welcome to SVA’s jobs portal, your one-stop shop for finding the most up to date source of employment opportunities. We have partnered with the National Labor Exchange to provide you this information. You may be looking for part-time employment to supplement your income while you are in school. You might be looking for an internship to add experience to your resume. And you may be completing your training ready to start a new career. This site has all of those types of jobs.

Here are a few things you should know:
  • This site is mobile friendly. You do not need a log-in or password to access information.
  • Jobs on this site are original and unduplicated and come from three sources: the Federal government, state workforce agency job banks, and corporate career websites. All jobs are vetted to ensure there are no scams, training schemes, or phishing.
  • The site is refreshed daily to remove out-of-date content.
  • The newest jobs are listed first, so use the search features to match your interests. You can look for jobs in a specific geographical location, by title or keyword, or you can use the military crosswalk. You may want to do something different from your military career, but you undoubtedly have skills from that occupation that match to a civilian job.
Home View All Jobs (2,192,340)

Job Information

The University of Chicago DevSecOps Engineer - JR25549-3800 in Chicago, Illinois

This job was posted by https://illinoisjoblink.illinois.gov : For more information, please see: https://illinoisjoblink.illinois.gov/jobs/11902769 Department

BSD CTD - DevSecOps

About the Department

The Center for Translational Data Science (CTDS) at the University of Chicago is a research center whose mission is to develop the discipline of translational data science to impactful problems in biology, medicine, healthcare, and the environment. We envision a world in which researchers have ready access to the data needed and the tools required to make data driven discoveries that increase our scientific knowledge and improve the quality of life. We architect ecosystems of large-scale commons of research data, computing resources, applications, tools, and services for the broader research community to use data at scale to pursue scientific inquiry and accelerate discovery. Learn more at https://gdc.cancer.gov/, https://gen3.org/, https://stats.gen3.org/, and https://ctds.uchicago.edu/.

Job Summary

As a DevSecOps Engineer on our team, you\'ll use your development experience to streamline our secure software development life cycle, security automation and orchestration, and incident response from requirements to monitoring in production You\'ll incorporate open-source tools, automation, and Cloud resources to cut down on tedious, monotonous tasks and free up the teams to do what they do best - innovate.

This at-will position is wholly or partially funded by contractual grant funding which is renewed under provisions set by the grantor of the contract. Employment will be contingent upon the continued receipt of these grant funds and satisfactory job performance.

Responsibilities

  • Evaluate and analyze threat, vulnerability, impact, and risk of security issues discovered from various DevSecOps tools such as Static Application Security Testing (SAST), Software Composition Analysis (SCA), Interactive Application Security Testing (IAST), Dynamic Application Security Testing (DAST) and Container Security platform.
  • Advise and collaborate with DevOps teams, developers, application, and project teams on the security issues, including explanation of the technical details and how they can remediate the vulnerabilities in their applications.
  • Develop and design DevSecOps metrics, policies, processes, and procedures.
  • Provide training to developers and other stakeholders on the usage of the tools.
  • Assist with implementing and designing automated security checks and additional security tools within the CI/CD pipelines.
  • Conduct POCs and work with vendors for DevSecOps tools to achieve security automation and efficiency.
  • Effectively communicate and manage expectations of various stakeholders.
  • Keep abreast of the latest industry trends in security and DevSecOps processes and make continuous recommendations for improvement.
  • Assist in maintaining FedRamp Moderate and FISMA Moderate compliance.
  • Investigates, analyzes and resolves day-to-day technical problems using standard procedures.
  • Works with stakeholders to gather and analyze requirements for developmental programs. Receives a moderate level of guidance to design applications to meet University and business requirements.
  • Performs code testing on components and works to ensure that appropriate implementation standards are met. Evaluates design alternatives for development cost and solutions using various methods.
  • Supports and maintains existing applications. Works with developers and responds to requests from users.
  • Performs other related work as needed.

Minimum Qualifications

Education:

Minimum requirements include a college or university degree in related field.

---

Work Experience:

Minimum requirements include knowledge and ski ls developed through 5-7 years of work experience in a related job discipline.

---

Certifications:

---

Preferred Qualifications

Education:

  • A recognized university degree in Computer Science, Computer/Electrical Engineering, Information Technology or equivalent.

Experience:

  • 2+ years of experience developing infrastructure, system configuration and/or deployment automation, for one or more cloud platforms including OpenStack, AWS, GCP, and Azure.
  • Sound technical background of working with SAST, SCA, DAST, IAST and other vulnerability scanning tools.
  • Prior experience in performing secure code reviews, web application penetration tests.
  • Solid understanding of full DevSecOps pipeline, Agile methodology, container security, APIs and microservices.
  • Capable of working with various CI/CD tools.
  • Analytical thinker with excellent communication skills.
  • Familiarity of NIST 800-53, FedRAMP, FISMA, HIPPA and other regulatory/industries requirements.
  • Experience with Palo XSOAR.

Licenses and Certifications:r

DirectEmployers