Senior DevSecOps/Platform Security Lead II (6444)

As a Senior DevSecOps/Platform Security Lead II, you’ll work collaboratively with leads and cross-functional teams to develop and advise on solutions and ensure compliance with security protocols and industry standards. Staying informed about emerging trends and threats in both cloud and platform technologies, you will proactively enhance defenses through innovative tools and methodologies. Additionally, you will adopt and conduct continuous monitoring strategies, risk assessments, implement security controls, identify vulnerabilities, and support incident response efforts to minimize risks and maintain the integrity of our systems and data.

We know that you can’t have great technology services without amazing people. At MetroStar, we are obsessed with our people and have led a two-decade legacy of building the best and brightest teams. Because we know our future relies on our deep understanding and relentless focus on our people, we live by our mission: A passion for our people. Value for our customers.

If you think you can see yourself delivering our mission and pursuing our goals with us, then check out the job description below!

What you’ll do:

• Serve as a Platform Engineer for containerized environments, service mesh technologies and microservices with cybersecurity requirements as the primary consideration. Advise both strategic and design priorities for various platform technologies and tools.

• Provide leadership and guidance to a cross-functional team of engineers and cyber security professionals who support the management of security controls for cloud based services, including cloud brokering, DevSecOps tools and containerized workloads solutions.

• Develop effective and sustainable solutions to monitor network traffic, system logs, and security alerts to detect and respond to potential security incidents within the platform. Support the team to analyze and investigate anomalies and security breaches, assess threat intelligence feeds, conduct threat analysis, taking appropriate actions to mitigate risks and vulnerabilities.

• Collaborate with other platform engineers and developers among other cross-functional teams, to establish, embed, and enforce security policies, standards, and procedures throughout the system lifecycle.

• Support the team’s requirement to perform security assessments, implement incident response plans and recommend mitigations.

• Maintain thorough and accurate documentation of security architecture processes, control implementation procedures, configurations, and continuous monitoring strategies. Prepare detailed reports on security findings, incidents, and actions taken.

What you’ll need to succeed:

• Active TS/SCI Clearance with CI poly

• 7+ years of engineering with hands-on experience securing containerized/Kubernetes environments (OpenShift preferred).

• 3 years of experience with DevSecOps practices, CI/CD pipelines, and other automation tools (e.g., Jenkins, GitLab CI/CD, Artifactory, SonarQube, and Prisma Cloud).

• 3 years of experience in cloud engineering (AWS Preferred), with expertise in designing, implementing, and managing advanced cloud solutions

• Strong experience with designing and building implementations of required security controls; and implementing continuous monitoring and auditing of solutions for compliance with security controls.

• Strong experience in managing and mentoring cybersecurity analysts and engineers.

• Strong experience in implementing security controls from government regulatory frameworks and security standards (e.g., NIST SP 800-53, RMF, ICD 503, FISMA, FedRAMP).

• Demonstrated experience implementing controls for cloud, container, and/or DevSecOps services and solutions from IL5 to IL6+ environments.

• Experience with log aggregation and analysis tools (e.g., Splunk), such as performing querying and analysis of aggregated logs to identify security-relevant anomalies or risks.

• Experience performing periodic (Daily, Weekly, Monthly) security checks to support continuous monitoring aligned with the NIST Risk Management Framework

• Experience with incident response, security incident handling, and forensic analysis techniques.

• Effective communication skills, with the ability to convey complex technical concepts to both technical and non-technical stakeholders.

• CISSP or equivalent certification to support DoD 8140 requirements.

• Bachelor's degree in Computer Science, Cybersecurity, or a related field.

Salary Range: $166,000 – $202,000

The salary range for this position is determined based on qualifications, skills, and relevant experience. The final salary offered will be determined based on several factors including:

• The candidate's professional background and relevant work experience

• The specific responsibilities of the role and organizational needs

• Internal equity and alignment with current team compensation

• This role is also eligible for additional compensation, subject to the terms and policies of MetroStar, which may include:

• Performance-based bonuses

• Company-paid training and/or certifications

• Referral bonuses

To apply for this position, please submit your resume via the form below or through our careers page: https://www.metrostar.com/jobs/

Application Deadline: Applications will be accepted on a rolling basis until the position is filled; candidates are encouraged to apply as early as possible for full consideration.

Additional Compensation: This role may also be eligible for bonuses and/or additional incentives based on individual and company performance.

Benefits: All full-time employees are eligible to participate in our benefits programs:

• Health, dental, and vision insurance

• 401(k) retirement plan with company match

• Paid time off (PTO) and holidays

• Parental Leave and dependent care

• Flexible work arrangements

• Professional development opportunities

• Employee assistance and wellness programs

Like we said, we are big fans of our people. That’s why we offer a generous benefits package, professional growth, and valuable time to recharge. Learn more about our company culture code and benefits. Plus, check out our accolades.

Commitment to Non-Discrimination
All qualified applicants will receive consideration for employment based on merit and without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, status as a protected veteran, or any other status protected by applicable federal, state, local, or international law.

What we want you to know:

In compliance with federal law, all persons hired will be required to verify identity and eligibility to work in the United States and to complete the required employment eligibility verification form upon hire.

Not ready to apply now?

Sign up to join our newsletter here.