Application Vulnerability Assessment Program (AVAP) Engineer/System Administrator


Introduction
Elluminates Software provides innovation for Federal customers, including AI-driven SaaS, Cloud and On-Prem transformation, and advanced Infrastructure Automation.

We have worked closely with the industry to innovate and collaborate on solutions with national and global technology platform impact for over twenty years.

Job Description

The Application Vulnerability Assessment Program (AVAP) Engineer/System Administrator is responsible for operating and securing the program’s application security platforms, including OpenText Fortify, OWASP Dependency-Track, and any future application security tools, deployed in containerized and virtualized environments within Azure Kubernetes Service (AKS). This role manages Kubernetes-based infrastructure (AKS), container image pipelines, and automation through Infrastructure-as-Code and CI/CD (Azure DevOps) to ensure resilient, scalable, and compliant deployments. The engineer will perform system administration for both Windows and Linux environments, enforce security and compliance requirements aligned to federal standards, and maintain runbooks, SOPs, and metrics to support operational excellence. In addition, the role supports AVAP customers by troubleshooting platform issues to minimize downtime and ensure mission-critical vulnerability assessment services remain highly available.

Duties and Responsibilities:

• Design, deploy, and maintain secure, scalable, and resilient cloud infrastructure in Azure such as Azure Key Vault, Azure SQL Server, Azure SQL DB, Azure Kubernetes Service (AKS), etc.
• Operate and administer Kubernetes clusters (AKS) including node pools, networking, persistent volumes, ingress controllers, secrets management, access control, namespaces, etc.
• Manage system administration for both Windows and Linux environments
• Manage container image lifecycle and updates by pull hardened images (i.e., Iron Bank), scan for vulnerabilities, enforce least-privilege configurations, and publish to ACR.
• Perform regular server administration tasks including patching, user provisioning, system monitoring, and backup/restoration.
• Automate deployments of infrastructure and applications using Azure DevOps or equivalent CI/CD pipelines with ARM/Bicep/Terraform and Helm.
• Implement and enforce security/compliance controls aligned to NIST SP 800-53 and Zero Trust (i.e., key vault integration, secret management, TLS cert rotation).
• Develop and maintain operational runbooks, playbooks, SOPs, and system/network architecture diagrams to ensure repeatability and continuous system documentation.
• Troubleshoot platform and pipeline issues across application, network, and infrastructure layers to minimize downtime for AVAP customers.
• Contribute to monitoring and metrics collection (availability, scan throughput, failure rates, license utilization) to support program-level reporting.

Required Qualifications:

• Demonstrated expertise with Azure (preferred) and familiarity with AWS and GCP cloud services.
• Hands-on experience with Kubernetes administration (AKS), Helm, and containerization (Docker).
• Experience with system administration for both Windows and Linux environments
• Experience with system administration pertaining to SQL servers/databases, backup/restore, patching, etc.
• Experience with Infrastructure-as-Code (ARM/Bicep, Terraform, Helm) and CI/CD pipelines (Azure DevOps).
• Demonstrated experience with Terraform, Bicep, and/or ARM for infrastructure automation and immutability.
• Strong troubleshooting skills across networking, compute, and application layers.
• Familiarity with application security tools is a plus (OpenText Fortify Software Security Center, License and Infrastructure Management, OWASP Dependency Track, etc.)
• Understanding of single sign-on implementations using SAML/OIDC (management of users/groups in Okta) as well as SCIM for automatic user provisioning.
• Excellent technical writing and documentation skills.
• Ability to work within government compliance frameworks (FedRAMP, NIST, FISMA, Zero Trust).

 
Years of Experience and Education Requirements

• Bachelor’s degree in Computer Science, Information Technology, or related field, or equivalent hands-on experience.
• 3 years of hands-on experience in system administration and DevOps engineering supporting containerized platforms/Kubernetes.

Type: Full-Time
Clearance: Active Secret with the ability to obtain a Top Secret
Location: Northwest D.C. 4 days on-site, 1 day Hybrid (Monday or Friday) 
Shift: Normal Business Hours
Type of Travel: Local