Devsec Ops Lead

Validatek Washington , DC 20319

Posted 4 months ago

ValidaTek, Inc. is an award-winning Small Business that provides high-security mission-critical IT services to the Federal Government. Our commitment to excellence in service delivery has resulted in dramatic growth and an expanding client base that includes several U.S. Federal Departments. The corporate infrastructure is robust and based on industry best practices as evidenced by our DCAA Approved accounting system, ISO 9001:2015, ISO 20000-1:2011, and ISO 27001:2013 certifications, and CMMI Level 5 for Services (CMMI-SVC Level 5) and CMMI Level 5 for Development (CMMI-DEV Level 5) appraisals. We pride ourselves in being the best and only attracting and retaining the best talent to fuel our rapid growth. We promote a strong employee-focused corporate culture that provides a diverse, prosperous and rewarding place to work. We provide our employees with competitive benefits, educational assistance, and career growth opportunities. Every employee is valued for their contributions and we all take pride in helping our customers achieve their goals, which in turn contributes to the overall success of the company.

Position Description:

Part of a team supporting the operations and maintenance of large scale and worldwide Enterprise IT environment covering application hosting and support; enterprise services; and infrastructure services. This candidate will serve as a Tier III expert security analyst focused on application security for the Department of State, Bureau of Consular Affairs, Office of Consular Systems and Technology. The ideal candidate will be well-versed in security monitoring, incident response, and application security.

  • Reviews asset discovery and vulnerability assessment data, application security scan data, application and database event and security log data, security sensor tool events and alerts, network traffic data and perimeter security data.

  • Explores ways to identify stealthy threats that may have found their way inside the customer network, without detection, using the latest threat intelligence.

  • Reviews results of penetration tests on production, test and development systems to validate resiliency and identify areas of weakness to fix.

  • Recommends how to optimize security monitoring tools and security infrastructure devices based on threat hunting discoveries.

  • Applies experience in implementing and enhancing application security on a variety of web development platforms, and secure configuration of a variety of hosting environments.

  • Mentors Tier I and Tier II SOC Analysts on application security threat vectors and event analysis.

  • Researches threat vectors relevant to the enterprise technology baseline and threat intelligence; and reports relevant findings to applications development teams, SOC Analysts and customer leadership and stakeholder.

  • Reviews the escalation process and incident reports.

  • Reviews and revises SOC policies, procedures, SOPs, and playbooks.

  • Develops interface control documentation and security monitoring plans tailored to custom applications.

  • Interviews application development teams to discover and understand the traffic and behaviors of application users, and then uses that knowledge to examine production application traffic and performance to identify unusual traffic and behavior.

  • Creates searches, reports, alerts and dashboards in Splunk to track errors and anomalies in application traffic and user behavior that may represent suspicious or malicious activity.

Position Requirements/Qualifications:

Education and Certifications

  • BS/BA in related field preferred, or equivalent combination of education and experience.

  • Active Secret Clearance (Eligible for TS Clearance)

  • ITIL v3 Foundation (Required within 90 days of hire)

  • Certified Security professional (CISSP preferred)

  • Certifications in application security (CASE, CSSLP, CASS, GWEB, etc. preferred)

  • Certified Ethical Hacker preferred

Knowledge and Experience

  • Strong leadership and communication skills

  • 3 - 5 years experience with security incident response and recovery

  • 3 - 5 years experience with application security and application development

  • 5 - 10 years experience analyzing web application event logs and network traffic logs

  • Strong experience with .NET development and testing preferred

  • Experience with Windows Server, RHEL, VMware and container platforms preferred

  • Familiar with using data visualization tools

  • Familiar with using static code analysis tools and dynamic application testing security tools

  • Familiar with using Splunk (certified power user preferred)

Applicants who are selected for employment will be required to verify authorization to work in the United States.

ValidaTek is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, or disability status.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Data Center Facilities Engineering Run Ops Manager NA East


Posted 2 days ago

VIEW JOBS 10/14/2019 12:00:00 AM 2020-01-12T00:00 Facebook is seeking a Facilities Engineering Run Ops Manager to lead a multi-disciplined team of engineers supporting multiple regional data centers. Our data centers are the foundation upon which our rapidly growing infrastructure efficiently operates, and our innovative services are delivered. Facilities Engineering plays a key role in supporting the regions with responsive and proactive engineering deep dives and expert analyses, implementing solutions broadly across all regions, and developing multi-discipline engineering talent to advance Facebook's operational excellence. The Run Ops team functions include facility system optimization, incident response and containment, retrofit design review and execution, and capacity planning to help ensure our highly reliable environment is guaranteed to deliver. This position is a critical element of a larger Facilities Engineering matrix organization and has both functional and resource management responsibilities. This role will oversee a North America East Coast regional Run Ops teams, help create industry leading vision and strategy, help scale run operations, develop team and management talent, and help to develop people, processes and standards to enable Facebook's expansion. This position is full-time and located in our Washington, D.C. office. RESPONSIBILITIES * Grow and develop the Eastern headquarters Facilities Engineering team. Supporting the east coast North American region, this team leads strategic solutions to complex engineering issues, and ensures global implementation. Scope and execute Data Center retrofit projects, complex engineering projects, and key initiatives for the NA East region. Ensure tight coordination, standardization in approach, and shared practices between three headquarters locations, NVO, Fremont and Dublin. Hire and develop a high performing discipline specific engineering team. Develop and implement innovative and robust processes and standards. Lead analyses of electrical, mechanical, and water systems, along with associated improvements. Identify and drive quality and process improvement initiatives. Lead equipment failure and power outage incidents and drive root cause analyses. Work with centralized organizations and other Facilities Operations teams to assess operational performance gaps. Design, develop and implement scalable and flexible solutions. Facilitate and implement solutions broadly across all data center regions. Review mission critical system changes with data center teams. Ability to work in a fast-paced, hands-on, customer-facing evolving environment. Ability to travel approximately 30% of the time. MINIMUM QUALIFICATIONS * Bachelor's degree in engineering Experience leading data center, mission critical facilities, or technical operation organizations Track record of developing an engineering team Experience leading detailed engineering projects Knowledge of critical facility systems Experience communicating across the organization both cross-functionally and at the executive level PREFERRED QUALIFICATIONS * Bachelor's degree in electrical or mechanical engineering Advanced degree in engineering or business Professional Engineer license or equivalent Understanding of data center power and cooling infrastructure Facebook is committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures. If you need assistance or an accommodation due to a disability, you may contact us at Facebook Washington DC

Devsec Ops Lead