DevSecOps Specialist

DevSecOps Specialist

Please Note:  This position is pending a contract award.  If you are interested in a future with Cherokee Federal, APPLY TODAY!  Although this is not an approved position, we are accepting applications for this future and anticipated need.

This position requires an active Public Trust clearance or the ability to obtain a  Public Trust clearance to be considered. 

Cherokee Nation System Solutions, LLC is seeking an experienced DevSecOps Specialist to join our security and development teams to integrate security best practices throughout the software development lifecycle. This role is responsible for monitoring and analyzing system performance, identifying application vulnerabilities, and implementing mitigation strategies to ensure secure software deployment. The ideal candidate will apply advanced knowledge of software security tools, protocols, and development practices to monitor for security breaches, respond to incidents, and conduct ongoing security assessments in support of a secure DevSecOps environment.

Compensation & Benefits:

• Estimated Starting Salary Range for DevSecOps Specialist: Pay commensurate with experience.
• Full time benefits include Medical, Dental, Vision, 401K, and other possible benefits as provided.  Benefits are subject to change with or without notice.

DevSecOps Specialist Responsibilities Include: 

• Monitor and analyze system performance to detect potential security issues and optimize security controls throughout the development pipeline.
• Identify and mitigate software application vulnerabilities, applying advanced knowledge of security tools and protocols to protect applications from potential threats.
• Implement and maintain security protocols within the DevSecOps pipeline, ensuring consistent and effective integration of security controls in all stages of development and deployment.
• Coordinate ongoing collaboration between development, release management (operations), and the IT Security team to ensure the deployment of secure applications. 
• Conduct security assessments of applications and systems to proactively identify and address potential security risks.
• Respond to security incidents, providing rapid analysis and implementing appropriate responses to mitigate breaches.
• Collaborate with development, security, and operations teams to ensure that security best practices are embedded within CI/CD pipelines and software development processes.
• Conduct application security scanning and validation including static code and RESTful API services. 
• Use security tools (e.g., e.g., HCL AppScan Enterprise, HCL AppScan Standard, SmartBear Ready API, ZAP, static and dynamic analysis tools) to continuously monitor and validate application security, making improvements to security configurations as needed.
• Develop and document mitigation strategies and security protocols, enabling secure development practices and minimizing the organization’s risk exposure.
• Stay updated on emerging DevSecOps trends, security vulnerabilities, and industry best practices to maintain a proactive and adaptive security posture.
• Performs other job-related duties as assigned

DevSecOps Specialist Experience, Education, Skills, Abilities requested: 

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field is preferred.
• Minimum 5 years of experience in DevSecOps, software security, or a related field, with expertise in application security and vulnerability management.
• Proficiency in software security tools (e.g., SAST, DAST, SonarQube, Aqua Security) and familiarity with software development protocols and practices.
• Strong knowledge of CI/CD pipelines, automation, and security best practices within a DevSecOps framework.
• Experience conducting security assessments and applying mitigation strategies within development environments.
• Preferred Skills:
  • Relevant certifications (e.g., Certified DevSecOps Professional, CSSLP, CISSP).
  • Experience in secure coding practices and integrating security tools into automated pipelines.
  • Strong problem-solving and analytical skills, with the ability to respond effectively to security incidents and vulnerabilities.
• Must pass pre-employment qualifications of Cherokee Federal

Company Information:

Cherokee Nation System Solutions (CNSS) is a part of Cherokee Federal – the division of tribally owned federal contracting companies owned by Cherokee Nation Businesses. As a trusted partner for more than 60 federal clients, Cherokee Federal LLCs are focused on building a brighter future, solving complex challenges, and serving the government’s mission with compassion and heart. To learn more about CNSS, visit cherokee-federal.com.

#CherokeeFederal #LI #LI-REMOTE

Cherokee Federal is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply.

Keywords

1. DevSecOps
2. CI/CD Pipelines
3. Application Security
4. Vulnerability Management
5. Secure Coding Practices

Similar Job Titles

1. DevSecOps Engineer
2. Application Security Specialist
3. Vulnerability Management Engineer
4. CI/CD Security Analyst
5. Secure Software Development Specialist

Legal Disclaimer: Cherokee Federal is an equal opportunity employer. Please visit cherokee-federal.com/careers for information regarding our Affirmative Action and Equal Opportunity Employer Statement, and Accommodation request.

Many of our job openings require access to government buildings or military installations. Candidates must pass pre-employment qualifications of Cherokee Federal.