The CERT Program is part of the Software Engineering Institute (SEI), a federally funded research and development center at Carnegie Mellon University (CMU) in Pittsburgh, Pennsylvania. CERT engages in state of the art R&D activities in computer security. The CERT Security Automation Directorate, Secure Lifecycle Solutions (SLS) group delivers innovative engineering methods and solutions to challenging cybersecurity problems. By demonstrating in-house technical expertise and long-standing collaborations with leading researchers from special academic institutions, SLS authorities develop custom methods and systems to meet customer needs. The SLS team applies ground breaking research and technologies to provide secure software solutions that bring real value to support the mission of our government and industry partners and advance the current state of practice.
PositionSummary: Expertise in DevOps processes and tools, resilient system design and implementation, and requirements gathering and analysis enables team to develop comprehensive practices engineering processes tailored to rare customer needs, or improve existing processes to meet evolving challenges by demonstrating new technologies. Built on confirmed SEI software engineering methodologies and CERT cyber security expertise, SLS engineering processes lead to efficient, successful, and secure product development and deployment.
You will participate in all phases of the application development lifecycle, and will be involved in key decisions regarding software design and technology selection including hands on development activities.
Minimum Qualifications and Requirements:
Education/Training: BS in computer science, software engineering, computer engineering, or a related quantitative field of study with ten (10) years of applicable experience.
Experience: Experience as a software developer working on software applications in a professional environment required:
Hands on experience in an Ops/DevOps role with an emphasis on deploying and handling environments in cloud platforms (AWS, Azure, or similar)
Hands-on experience with configuration management tools, chef, Puppet, or similar.
Experience and proficiency with Linux administration and operation (preferably RHEL/CentOS)
Experience developing in object oriented programming on Java, C#, C++
Experience with scripting languages such as Python, Ruby, Perl, and Bash
Experience setting up continuous integration & continuous delivery, log collection and analysis, software build & release, and performance monitoring/tuning
Experience with modern web frameworks such as Django, Angular JS, React
Experience with SDLC deployment packages Maven, Ant, Docker, etc
Experience with source code repository Git, Mercurial, SVN, or TFS
Experience with monitoring and logging tools such as Kibana, NewRelic, Nagios, Splunk, Graphite, Graphana, etc
Experience fixing software applications and reading stack traces
Knowledge of network switches, firewalls and routers
Familiarity with system and task automation
Familiarity with risk and security assessments
Collaboration skills, with written and spoken communication skills
Excellent troubleshooting and problem solving capabilities
Deep knowledge of software engineering including detailed knowledge of at least three of the following strengths: requirements, architecture and design, program and acquisition management, performance improvement, assurance, and/or security
Relevant experience within the last 5 years in working on a large software development program
Deep familiarity with general Linux operating system concepts, development pipeline tools, etc.
Knowledge of how to apply system engineering principles to system software development
Ability to execute network assessments and report results, write documentation.
Understanding of basic computer systems, and network, database and application security issues
Excellent written and verbal communication skills
Excellent reasoning and problem-solving skills
Ability to work effectively and manage time without supervision
Ability to attend customer meetings and respond to customer requirements
Highly motivated Self-starter individual with ability to multi-task, prioritize and be actionable
Review and development of performance and capacity plans (operational capacity and load requirements)
Experience with application disaster recovery, migration, roll-back plans, expansion, routine deployments, and system upgrade
Mobility: Will be required to travel on overnight assignments, occasionally for several days.
EnvironmentalConditions: Usual office setting, including extended work at a computer screen.
Mental: Ability to work meticulously with careful attention to detail; ability to meet target dates while working on multiple tasks – shifting priorities; ability to deal reciprocally, diplomatically, and successfully with customers, co-workers and other professional colleagues, managers, and staff; ability to grasp the big picture, direction, and goals of an effort; ability to quickly learn new procedures, techniques, approaches, etc.
Other: The candidate will be subject to a background check and must be eligible to obtain and maintain a Department of Defense security clearance.
Education/Training: Master's degree in CS, Information Systems, systems and /or engineering, acquisition management, or equivalent combination of training and experience.
Accountability: The member will be directly accountable for understanding DoD technical needs, applying new technologies, and establishing delivery capabilities to meet the needs of the sponsoring organization and the DevOps community.
Direction: As a technical staff member, he/she will be expected to operate with minimum supervision using CMU and SEI defined practice, policies and procedures, in concert with the SEI mission.
Decisions: Required to work with government program offices to identify strengths and weaknesses within the acquisition program and their contractor base and build solutions to address the weaknesses and recognize and the strengths.
SupervisoryResponsibilities: To be able to lead and supervise others.
Job Functions or Responsibilities:
85% Participate as a leader or member of dynamic technical teams in support of application development & delivery and DevOps assessment capabilities.
10% Identify and support the implementation strategies for the collection and application of learning and knowledge transfer from assignments (e.g. Dissemination of research results, case studies, guides, reports, presentations, articles, workshops, courses, and blog entries).
5% Perform other duties as assigned by the SLS Technical Manager, or Team Leads
100% total effort
CMU is an EEO/Affirmative Action Employer – M/F/Disability/Veteran
Pursue your passion and work alongside world-recognized leaders in the field of software engineering. Our staff works with the highest levels of U.S. government and industry to secure the nation's critical infrastructure, improve mission-critical systems, and advance the state of the art.
Interested in working with us? To browse employment opportunities and apply for a position at the SEI, see ...our list of open positions at http://www.sei.cmu.edu/careers/. You can also visit the Carnegie Mellon site to learn about benefits for eligible employees, search for open positions that match your interests, and create a Job Agent that will notify you by e-mail when jobs that meet your criteria become available.
Resumes from recruiting firms will not be accepted.
Carnegie Mellon University is an EEO/Affirmative Action Employer – M/F/Disability/Veteran