Devsec RMF Engineer with Security Clearance

Apex Systems is seeking a skilled DevSecOps Liaison to bridge the gap between our Web Development and Governance teams for one of our major government clients. This role is crucial for establishing and maintaining a robust DevSecOps process, ensuring compliance with DISA/DoD standards, and enhancing our cybersecurity posture. Location: MacDill AFB, FL Clearance Required: Secret Certification Required: DoD 8140 Key Responsibilities: Fielding Requests and Requirements: Act as the primary point of contact for web development requests and requirements, ensuring they align with governance policies.
Engagement with Cyber Governance: Collaborate closely with the Cyber Governance team to ensure all development activities comply with security standards.
Pipeline Management: Utilize GitLab (Free Version) to manage CI/CD pipelines, ensuring efficient and secure code deployment.
Web Application Development: Work with various web applications, including .NET and Python, to support development efforts.
Containerization: Implement and manage containerized applications using Kubernetes.
Translator Role: Serve as a translator between Web Development and Governance teams, facilitating clear communication and understanding.
Vulnerability Assessment: Identify and assess vulnerabilities, ensuring they meet DISA/DoD compliance standards.
Application Security Risk: Evaluate application security risks and implement measures to mitigate them.
Understanding STIGs and RMF: Apply knowledge of Security Technical Implementation Guides (STIGs), Risk Management Framework (RMF), and NIST standards to ensure compliance.
Cyber Threat Analysis: Monitor and respond to cyber threats, utilizing tools like Semgrep and Trivy.
On-Premises Security: Manage and assess risks associated with on-premises infrastructure.
Security Implementation: Lead security implementation efforts, ensuring robust protection of information systems.
Qualifications: Minimum Secret Clearance.
Proven experience in security implementation and compliance with DISA/DoD standards.
Strong understanding of STIGs, RMF, and NIST standards.
Proficiency in web application development (.NET, Python) and containerization (Kubernetes).
Experience with GitLab CI/CD pipelines.
Ability to assess and mitigate application security risks.
Familiarity with cybersecurity tools such as Semgrep and Trivy.
Excellent communication skills and ability to act as a liaison between technical and governance teams.
Preferred Skills: Experience in a DevSecOps role within a DoD environment.
Strong analytical and problem-solving skills.
Ability to work independently and as part of a team. EEO Employer Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law. If you have visited our website in search of information on employment opportunities or to apply for a position, and you require an accommodation in using our website for a search or application, please contact our Employee Services Department at or .