DevSecOps Release Engineer, Mid

We are seeking a DevSecOps Release Engineer to support the Tomahawk Weapon Systems (TWS) in Santa Clara, CA. This is an on-site position where you will implement and maintain secure, efficient, and compliant software release pipelines. This position focuses on ensuring the security and compliance of software throughout its development life-cycle, leveraging best-in-class DevSecOps practices, security tools, and automation technologies.

In support of the US Navy, Peraton develops 5 of the 7 components of The Theater Mission Planning Center (TMPC). TMPC is the mission planning segment of the Tomahawk Weapon System that provides precision targeting, route planning, mission distribution, and strike management of Tomahawk cruise missile missions from sites located ashore and afloat. TMPC optimizes all aspects of the Tomahawk missile mission to successfully engage a target.

Key Responsibilities:

CI/CD Pipeline Management: Design, implement, and manage CI/CD pipelines ensuring compliance with DoD security policies and requirements, using tools such as Microsoft Azure DevOps.
• Security Tool Integration: Integrate and maintain security tools such as SonarQube, Fortify, and Prisma Cloud within the CI/CD pipeline to automate security testing and vulnerability scanning.
• DevSecOps Best Practices: Collaborate with development and security teams to implement DevSecOps best practices and ensure that security is integrated throughout the development life-cycle.
• Code Quality and Security Compliance: Ensure code quality and security compliance by utilizing static and dynamic analysis tools to scan for vulnerabilities.
• Pipeline Optimization: Monitor, troubleshoot, and optimize CI/CD pipelines to improve deployment efficiency, reliability, and security posture.
• Environment Management: Manage and optimize on-prem environments using RedHat Linux and Microsoft Virtual Machines (VMs), ensuring smooth integration with DevSecOps processes.
• Documentation and Training: Document DevSecOps processes, procedures, and best practices, providing training to development teams on secure coding practices and pipeline usage.

What you'll need:

• Education: 2 years with BS/BA, 0 years with MS/MA or 6 years experience in lieu of a degree
• Clearance: US Citizenship required with the ability to obtain a DoD Secret clearance
• Security Tools: Strong knowledge of security tools such as SonarQube, Fortify, and Prisma Cloud for static/dynamic analysis, vulnerability scanning, and code quality checks.
• Infrastructure as Code (IaC): Experience with IaC tools such as Ansible for automating infrastructure deployments.
• Containerization: Familiarity with containerization technologies such as Docker and Kubernetes.
• DoD Security Knowledge: Understanding of DoD security requirements, including RMF (Risk Management Framework), STIGs (Security Technical Implementation Guides), and cybersecurity best practices.

Peraton is a next-generation national security company that drives missions of consequence spanning the globe and extending to the farthest reaches of the galaxy. As the world's leading mission capability integrator and transformative enterprise IT provider, we deliver trusted, highly differentiated solutions and technologies to protect our nation and allies. Peraton operates at the critical nexus between traditional and nontraditional threats across all domains: land, sea, space, air, and cyberspace. The company serves as a valued partner to essential government agencies and supports every branch of the U.S. armed forces. Each day, our employees do the can't be done by solving the most daunting challenges facing our customers. Visit peraton.com to learn how we're keeping people around the world safe and secure.