We are seeking a talented and experienced DevSecOps Architectto lead the design and implementation of secure DevOps practices for the Stateof Michigan. Qualified applicants must live within the state of Michigan or bewilling to relocate.

As a DevSecOps Architect, you will play a crucial role inensuring the security of our software development and deployment processeswhile maintaining high standards of operational efficiency. You will be responsible for designing, building, andmaintaining robust DevSecOps pipelines that integrate security throughout thesoftware development lifecycle (SDLC). You will collaborate withcross-functional teams (development,operations, and security) todevelop strategies for automating security processes and ensuring thecontinuous delivery of secure and high-quality software products.

ROLES & RESPONSIBILITIES

1.Develop andimplement secure DevOps practices throughout the SDLC.

2.Collaborate withdevelopment and operations teams to integrate security controls and bestpractices into the CI/CD pipeline.

3.Lead theimplementation of security controls, tools, and processes to automate securitytesting, vulnerability scanning, and compliance checks.

4.Design and implementautomated security testing and monitoring tools to identify vulnerabilities andthreats.

5.Develop and maintaininfrastructure solutions for provisioning and configuring secure cloud environments.

6.Perform codereviews, vulnerability assessments, and penetration testing to ensure thesecurity of applications and infrastructure.

7.Configure and managesecurity tools such as static code analysis, dynamic application securitytesting (DAST), and container security scanners.

8.Monitor and respondto security incidents, conduct root cause analysis, and implement correctiveactions.

9.Stay up to date withindustry trends, emerging threats, and security best practices to continuallyenhance our security posture.

10.Provide guidance and support todevelopment and operations teams on security-related matters.

11.Collaborate with compliance and auditteams to ensure adherence to regulatory requirements and industry standards.

Theabove list isthemajorduties andresponsibilitiesofthisjoband is not a complete list of all tasks andfunctions. Other duties may be assigned.

Requirements

REQUIRED EDUCATION, EXPERIENCE, KNOWLEDGE, & ABILITIES

1. Bachelor's degree in Computer Science, Information Security, or related field (or equivalent work experience).
2. Proven experience working in a DevOps or DevSecOps environment.
3. Strong understanding of SDLC methodologies, including Agile and DevOps principles.
4. Proficiency in scripting and automation, such as using Python, Bash, or PowerShell.
5. Familiarity with containerization technologies (e.g., Docker, Kubernetes) and orchestration tools.
6. Experience with scanning tools (like Nessus, Qualys, OWASP ZAP, or similar), vulnerability management systems, and security information and event management (SIEM) solutions.
7. Knowledge of security standards and frameworks such as OWASP Top 10, NIST, CIS benchmarks, etc.
8. Excellent problem-solving skills and attention to detail.
9. Strong communication and collaboration skills, with the ability to work effectively in a team environment.

PreferredQualifications

1. Certifications such as CISSP, CEH, CSSLP, or similar.
2. Experience with infrastructure automation tools like Terraform, Ansible, or Chef.
3. Previous experience with security information and event management (SIEM) systems.
4. Familiarity with container security best practices and tools.
5. Experience implementing and managing identity and access management solutions.

Join our team and be part of a dynamicenvironment where your expertise in DevSecOps will make a significant impact onthe security posture and success of systems that serve the public. Apply now toembark on an exciting journey with us!

Benefits

Benefits & Compensation

-Competitive compensation and benefits, including a 3% company match for your IRA, withimmediate vesting.

-Collaborative and innovative work environment.

-Professional development opportunities, including working with leading-edgetechnologies.

- Paid holidays and personal days.

- Partial Internet and smartphone expensereimbursement.

- Ongoing opportunities forprofessional development.

Location & Work Environment

This position is full time andcan be 100% remote within the USA. Michigan residents will be in the office inLansing, Michigan onsite approximately 2 to 4 days per month (subject tochange). Embrace a positive work environment by demonstrating culturalawareness, flexibility, collaboration, and creativity. You will be more content andsuccessful in this position if you are motivated by public service.

We are committed to equalopportunity in employment, fostering a diverse and inclusive culture.

For more information,visit www.ajboggs.com/careers.