Mid-Level DevOps Engineer 

Herndon, VA

Active TS/SCI clearance and be willing and able to obtain a CI polygraph required.

We have a great opportunity to contribute to direct mission capabilities by developing exciting, cutting-edge applications that impact geospatial navigation and crucial decision-making in the intelligence sector! If this type of impact would excite you, we’d love to chat with you!

@Orchard is retained by a top geospatial technology company in their search for a Mid-Level DevOps Engineer located in Herndon, VA, to support the development, integration, and cybersecurity compliance of various intelligence capabilities into a Development and subsequently Production environment. You will be a member of a project team responsible for designing and maintaining multiple DevOps pipelines integrating and deploying numerous components into the larger system technology stack. Deployment will be across multiple networks into private cloud infrastructures self-hosted for our government customer. 

The Team/The Work/The Environment:

• A multi-faceted technical team with expertise spanning the full stack of cloud computing technologies including systems administration, DevOps, cybersecurity, software development, and systems engineering that builds and maintains software applications backed by a self-managed cloud infrastructure with a true big-data footprint (over 10 petabytes).
• A diverse background of experience in mission support and technology development and operations serves as a catalyst to solve unique and challenging intelligence problems in support of special operations analysts and their on-going activities. 
• Prototyping and frequent, iterative feedback are core to the delivery approach, anchored by a need to work quickly in support of their missions

Your Role/Responsibilities:

As a Mid-Level DevOps Engineer you will:

• Deploy, and manage highly available applications to ensure system reliability and scalability. 
• Implement, and maintain HashiCorp Nomad clusters and Kubernetes clusters for workload orchestration. 
• Execute DNS configuration, management, and performance tuning for enterprise-grade systems. 
• Develop and implement Infrastructure-as-Code (IaC) solutions using tools like Terraform, Ansible, or similar. 
• Build and manage multiple CI/CD pipelines with GitLab or equivalent tools to automate deployments and streamline development workflows for rapid development and integration. 
• Perform system monitoring, logging, and troubleshooting to proactively identify and resolve issues. 
• Automate security testing and monitoring within the DevOps workflows using ACAS and Trivy. 
• Analyze cybersecurity scan findings and work with the cybersecurity team to identify false positive findings. 
• Assist the cybersecurity team in assembling the required Body of Evidence to submit for False Positive exceptions.
• Assist the cybersecurity team in assembling the required Body of Evidence to submit containerized and non-containerized software packages for enterprise software approval.
• Integrate static code analysis tools such as GitLab SAST, Fortify or Sonarqube and other security mechanisms into CI/CD pipelines. 
• Build and maintain custom tools to automate cybersecurity analysis and correlation workflows as new cybersecurity compliance requirements emerge.
• Perform cybersecurity remediation on DevOps managed Virtual Machines to include OS patching, OS STIGing, and software package updates.
• Build, maintain, and monitor configuration management of release products. 
• Troubleshoot and resolve network, automation pipelines, and infrastructure issues. 

Minimum Requirements:

• Must have a current/active TS/SCI and be willing and able to pass a CI polygraph. 
• Must be able and willing to work in a SCIF environment in Herndon Virginia forty hours a week.
• Minimum of 5+ years of Industry experience as a DevOps engineer.
• Strong expertise in cloud environments, including deployment, optimization, and troubleshooting. 
• Proven track record in building and operating Cloud Native Applications using tools like Kubernetes and Docker. 
• Experience in managing, integrating and utilizing PKI certificates for user and Non-Person-Entity Authentication and Authorization.
• In-depth experience with IaC tools such as Terraform, Ansible, or equivalent. 
• Solid experience in creating and managing CI/CD build pipelines using GitLab or similar tools (e.g., Jenkins, Azure DevOps). 
• Strong scripting and automation skills using Python, Bash, or equivalent languages. 
• Excellent problem-solving skills with attention to detail and the ability to thrive in a fast-paced environment. 
• Experience with security best practices in DevOps pipelines (e.g., Trivy,  Grype, GtiLab SAST, Sonarqube, etc.). 
• Familiarity with monitoring tools like Prometheus, Grafana, or ELK Stack. 
• Strong knowledge of networking and load balancing technologies. 
• Experience with source configuration management tools such as Git. 
• CI & CD development experience with technologies like Bash, Jenkins, or GitLab. 
• Experience with automated deployment technologies such as Cloud Formation, Ansible, Puppet or Chef. 
• Cloud Technologies deployment experience. 
• Open-source application deployments and maintenance. 
• Custom source application deployments and maintenance. 
• Moderate LINUX system administration experience (RedHat, Rocky Linux, Alma Linux or similar)). 
• Working knowledge of Linux and Windows operating systems, web services and SQL databases. 
• Experience working in an Agile environment.  

Preferred Qualifications:

• Bachelor's degree in Computer Science, Information Systems or related discipline. 
• Master’s degree in Computer Science, Information Systems or related discipline. 
• Security+ or comparable certification for privileged user access. 
• Experience with distributed processing methods and tools, such as REST APIs, microservices, IaaS/PaaS services. 
• Experience developing and deploying web services. 
• Experience in implementing Docker STIGs 
• Experience with technical cybersecurity remediation in the context of a Continuous Monitoring (CONMON) program 
• RHCSA or LPIC1/LPIC2 certifications or equivalent 
• Certified Kubernetes Administrator certification 
• Docker Certified Associate 

Established in 2010, @Orchard has an exceptional reputation, providing talent acquisition solutions to time-sensitive, talent scarcity issues to deliver better talent management ROI.  Our specialty lies in the critical area of program talent acquisition and resource management, not in one narrow skillset, but across many areas of technical and functional delivery. To learn more about our other exciting opportunities, visit our Jobs Page at www.atorchard.com.