DevSecOps Engineer

As a DevSecOps Engineer at Oddball, your responsibilities will involve working closely with talented DevOps engineers to build and implement best practices in the federal space. You will be tasked with creating and documenting CI/CD jobs, developing infrastructure through Terraform, writing Ansible playbooks, and building tools that enhance operational efficiency. Ultimately, your work will be instrumental in creating software solutions that positively affect millions of lives.

To qualify for the DevSecOps Engineer position at Oddball, you need a Bachelor’s degree, along with experience in AWS services like CloudWatch Logs and S3. Proficiency in CI/CD scripts and familiarity with security tools such as NIST 800-53 is also required. Additionally, teamwork is key as you'll collaborate with a multidisciplinary team, and US citizenship is mandatory to attain a low-level security clearance.

Yes, the DevSecOps Engineer position at Oddball is fully remote, allowing you the flexibility to work from anywhere within the United States. This setup is ideal for those looking to maintain a work-life balance while contributing to impactful federal programs.

As a DevSecOps Engineer at Oddball, you will work with various technologies, including AWS Cloud services, Terraform for infrastructure as code, Ansible for automation, and modern programming languages like Python and Java. You'll also utilize CI/CD tools and frameworks aligned with federal security standards.

DevSecOps Engineers at Oddball can look forward to a comprehensive benefits package, including paid holidays, flexible PTO, an annual stipend, and a 401(k) plan with company matching. Our competitive salary range for this position is between $125,000 and $150,000, reflecting our commitment to fair and competitive compensation for our employees.

When discussing your experience with CI/CD pipelines, highlight specific tools you've used, such as Jenkins or GitLab. Provide examples of projects where you successfully implemented CI/CD practices, focusing on how you improved deployment rates or reduced bugs. Showcase your understanding of automated testing and the benefits of continuous integration and delivery, as these are crucial for a DevSecOps Engineer role.

In responding to this question, mention security frameworks such as NIST 800-53 or FedRAMP that you have experience with. Detail specific tools you have worked with, like AWS Security Hub or Snyk, and provide context on how you implemented security measures in previous projects. This demonstrates your ability to prioritize security within the DevSecOps lifecycle.

When asked about managing cloud infrastructure with Terraform, explain your approach to writing and organizing Terraform modules, version control, and deployment processes. Discuss any experience you have in creating immutable infrastructure and how it aids in enhancing security and reliability, which is key for a DevSecOps Engineer.

For this question, share examples of your involvement in Agile projects. Highlight your role in sprints, daily stand-ups, and retrospectives, illustrating your collaborative spirit and adaptability. Emphasize any specific Agile methodologies you have followed, such as Scrum or Kanban, and how they contribute to a successful DevSecOps process.

To effectively answer this, outline a methodical approach to troubleshooting, starting with log analysis and identifying failure points in the CI/CD pipeline. Discuss collaboration with team members and using monitoring tools to diagnose problems. Sharing a specific incident where you resolved a deployment issue can further illustrate your problem-solving skills.

When discussing code quality and security, talk about your use of code review processes, automated testing, and static code analysis tools. Emphasize incorporating security practices by design (DevSecOps) and how continuous feedback loops contribute to maintaining high-quality standards in deployments.

Share your strategies for staying current with industry trends, such as following key blogs, participating in relevant webinars, or contributing to open-source projects. Mention any certifications you’re pursuing or community involvement that enhances your knowledge and skills in DevSecOps.

For this question, provide insight into your experience with containerization tools like Docker and orchestration platforms like Kubernetes. Describe how you’ve implemented these technologies in your work, focusing on improvements in scalability, efficiency, and deployment speed.

Discuss your experience collaborating with different roles, such as developers, product managers, and other stakeholders. Share examples of how you’ve navigated challenges in communication or differing priorities to achieve project goals, emphasizing the importance of teamwork in a DevSecOps environment.

When answering this question, speak about your passion for integrating security into the development process and how it aligns with your career goals. You might also mention the satisfaction you derive from knowing your work contributes to safer and more reliable software, especially in a federal setting where the impact can be profound.