DevSecOps Engineer II

About BlueLabs
BlueLabs is a leading provider of analytics services and technology for a variety of industry clients: including government, business, and political campaigns. We help our clients optimize their engagements with individual customers, supporters, and stakeholders to achieve their goals. Simply put: we help our partners do the most good by getting the most from their data.
Today, our team of data analysts, scientists, engineers, and strategists come together from diverse backgrounds to share a passion for using data to solve the world's greatest social and analytical challenges. We've served more than 400 organizations ranging from government agencies, advocacy groups, political campaigns, and businesses. Along the way, we've developed some of the most innovative tools available in analytics, media optimization, reporting, and influencer outreach-- serving a diverse set of industries, including the automotive, travel, consumer packaged goods, entertainment, healthcare, media, telecom, and more.
About the team:
The BlueLabs Civic Tech practice revolutionizes the way government agencies use data to streamline operations, interact with citizens, and react to their biggest challenges. Our team develops deep expertise within the areas our clients care about most, then builds data analytics systems that create impact at scale. We work closely with internal government innovation groups, and build on the analytics methodology pioneered in e-commerce, advocacy, politics, and consumer finance.
You will work on a fast-paced, impact-driven project team charged with intelligently improving the operations powering the policies and programs that hundreds of millions of Americans interact with on a daily basis. Our work builds the frameworks and infrastructure that allows agencies to deal with big public health challenges. We bring definition to challenging problems, creatively identify data sources, then design analytics that accurately measure impact and move the needle every day. We work in changing, ambiguous environments, so we embrace nuance, inclusivity, and complexity to deliver programs that work for the diverse groups of individuals who rely on us.
About the role:
This position is a DevSecOps engineer, or a software engineer/developer with substantive experience with system administration and security, who wants to work at an organization where they are empowered to deploy their skills to make lasting positive change. You'll provide direct DevSecOps support for a high profile federal web property, and know your day-day work is directly creating a better experience for federal employees, federal job seekers, and numerous other stakeholders. The ideal candidate will be comfortable working with diverse stakeholders to manage expectations and provide robust guidance in their areas of responsibility. We're not building a team for a day-we are building a collaborative community of engineers, analysts, and data scientists. More than anything else, we're looking for people who are excited by our mission, love to create, are honest about what they know, fascinated by what they don't, and relish the opportunity to work with people who value the same.
In this position you will:

• Work closely with technical stakeholders to define security strategy and execute on it.
• Implement automation to enable developers to easily consume security services.
• Design a secure application-release automation process to make security an integral part of the CI/CD pipelines.
• Ensure security, reliability, and performance of a web property with tens of millions of users.
• Partner closely with developers, analysts, and other internal users to ensure they have an experience that allows them to quickly and securely ship the features they build.
• Enforce standard methodologies, processes and tools and ensure compliance to enterprise architecture, global information security policies and engineering strategy.
• Implement automation to investigation and response workflows for Automated Incident Response.
• Be an integral member of a team to create a Disaster Recovery Plan for the projects you're on.
• Create specifications for pentesting performed by an outside contractor.
• Perform Azure configuration review on the projects you're involved in.
• Be the main DevSecOps point of contact for important government projects.

What we are seeking:

• 2+ years of Information Security or engineering experience.
• 2+ years of direct experience in at least one Public Cloud (Azure, AWS, or GCP).
• Familiarity with SecOps processes including detection, monitoring, alerting and threat intelligence.
• Expert knowledge of integrating crucial security tasks into CI/CD pipelines.
• Strong knowledge of software development methodologies and the software development lifecycle.
• Strong knowledge of container security and secrets management.
• Working experience with configuration management.
• Demonstrated experience with secure development, coding, engineering practices.
• Experience with Infrastructure as Code and infrastructure testing strategies.
• Experience with systems reliability, load balancing, monitoring, and logging.
• Ability to lead on project security, backup, and redundancy strategies.
• Desire to learn about new technologies and be dedicated to expanding your skills every day.
• Passion for data, visualization, analytics and just plain problem solving.
• The ability to successfully attain and maintain a Federal Public Trust background investigation that our government clients require; this includes a requirement that the individual has U.S. Citizenship or U.S. residency for three of the past five years.

You may also have:

• Experience working with a multidisciplinary team that includes developers, data scientists and other non-engineer technical users.
• Demonstrated interest in using data and technology to advance social good in areas like health, government effectiveness, or civic engagement.
• Have experience programming in Bash and Python or similar scripting languages.
• Have experience deploying applications in an Azure or other cloud environment using automation tools such as Terraform, Ansible, Chef, or Puppet, and cluster management/orchestration software like Kubernetes, and Docker.
• Validated adherence to Azure governance standards for policy definitions, role-based access controls, resource groups, and Azure Blueprints.

What recruitment looks like:
This position will include an HR phone interview and two additional virtual interviews. During the interview process, you will be asked questions to describe your background and experience relevant to the position. This may include providing examples of projects you worked on, tools or applications you've used, and knowledge you have applied. We often look for explanations of "how or why" so it's helpful to have details ready.
What We Offer:
BlueLabs offers a friendly work environment and competitive benefits package including:

• Premier health insurance plan
• 401K matching
• Unlimited vacation leave
• Paid sick, personal, and volunteer leave
• 13 paid holidays
• 15 weeks paid parental leave
• Professional development stipend & tuition reimbursement
• Employee Assistance Program (EAP)
• Supportive & collaborative culture
• Flexible working hours
• Remote friendly (within the U.S.)
• And more!

The salary for this position is $110,000 annually.
While we have an office in Washington, DC, we are open to considering candidates from within the U.S.
At BlueLabs, we celebrate, support and thrive on differences. Not only do they benefit our services, products, and community, but most importantly, they are to the benefit of our team. Qualified people of all races, ethnicities, ages, sex, genders, sexual orientations, national origins, gender identities, marital status, religions, veterans statuses, disabilities and any other protected classes are strongly encouraged to apply. As an equal opportunity workplace and an affirmative action employer, BlueLabs is committed to creating an inclusive environment for all employees. BlueLabs endeavors to make reasonable accommodations to the known physical or mental limitations of qualified applicants with a disability unless the accommodation would impose an undue hardship on the operation of our business. If an applicant believes they require such assistance to complete the application or to participate in an interview, or has any questions or concerns, they should contact the Director, People Operations. BlueLabs participates in E-verify. EEO is the Law (Link to external DOL site)