DevOps Security Engineer

  • Full-time
  • Job Type: Permanent

Company Description

About Us

At Leidos, we deliver practical solutions to the Federal Government’s most complex IT engineering problems. And, as a Prime Systems Integrator, these are often on a scale and variety rarely seen by other organisations. Whether developing and supporting technology transformation projects for the Bureau of Meteorology, providing software applications for critical Defence missions, or improving the way the ATO supports its service delivery, our work has a direct impact on the lives of Australians, and will certainly impact on your career.

Job Description

Your New Role

 

  • Day to day technical operation of the Security capabilities of a DevSecOps tool stack and Container Orchestration platform.  
  • Development of Infrastructure as Code and GitOps configurations for Security capabilities 
  • Support project and operational teams with the adoption of DevSecOps security capabilities and ways of working.  
  • Manage and maintain our DevSecOps and Container Security capabilities with things like best practice configuration, hardening, and patching.   
  • Work with Cyber Incident Response Teams, Security Engineering, DevOps, Insider Threat and Automation teams to help with technical alignment of security, business and technical objectives. 
  • Investigate and remediate complex technical problems within the Security tooling embedded into CI/CD and Kubernetes environments.  
  • Participate in Peer review for Infrastructure as Code and relevant documentation.  
  • Investigate and utilise new technologies to enhance security capabilities within CI/CD and Kubernetes 

 

Qualifications

About You and What You'll Bring

  • Previous experience in security monitoring, incident response, threat intel, security engineering or DevSecOps.  
  • Thorough working knowledge of Linux 
  • Understanding of GitOps, Agile and DevOps practices 
  • Ability to write code and work with Infrastructure as Code tools (Ansible, Terraform, Puppet etc) 
  • Experience with Kubernetes 
  • Experience with Container Security technologies like Prisma Cloud Compute Edition (ie Twistlock), Anchore, Notary, Clair etc. 
  • Experience with some of these technologies: 
    • Container Runtime Defence (e.g. Prisma Cloud Compute Edition / Aqua) 
    • Container Vulnerability / Compliance Scanning tools (e.g. Anchore, openscap, trivy) 
    • Gitlab / Azure DevOps Server pipeline configuration 
    • Version Control (git) 
    • Splunk Enterprise Security 
    • Hashicorp Vault 
    • Open Policy Agent 
    • Helm 
    • Container image creation tools 
    • Atlassian (Confluence/Jira) 
    • CIS Benchmarks 
  • Great Communication Skills – you will be a Security ambassador to other teams, partnering to add security to their delivery pipelines.  
  • Ability to own and resolve problems. 

Additional Information

What You'll Love

Over the last year, we have successfully adapted our approach to enable everyone - whether working remotely from home, an office or a customer site – to continue to be collaborative, productive and, above all, safe and healthy. We proudly embrace diversity and support our people at every stage of their Leidos journey in terms of inclusion, accessibility and flexibility.

At Leidos, you will be valued, included and supported. So if you are open-minded and keen to Be the difference, we look forward to welcoming you.

Applicants may also need to meet International Traffic in Arms Regulations (ITAR) requirements. In certain circumstances this can place limitations on persons who hold dual nationality, permanent residency or are former nationals of certain countries as per ITAR 126.1.

Privacy Policy