• Embed security into the software development lifecycle, enabling teams to ship features safely at high velocity. • Partner with engineering and AI teams to assess and mitigate security risks for new AI features, infrastructure, and pipelines. • Develop and maintain secure CI/CD pipelines, tooling, and automation to support rapid deployment. • Conduct threat modeling, vulnerability assessments, and code reviews for new services and AI workloads. • Advise on secure architecture patterns for infrastructure, agent systems, and model-serving environments. • Implement monitoring, alerting, and incident response practices for critical security events. • Define best practices, standards, and policies for secure feature delivery across engineering teams. • Act as the internal security advocate, balancing risk management with product velocity.

Overview GovCIO is currently hiring for a Senior Developer/DevSecOps Engineerto support our client’s contract needs. This position is located in the Washington, DC and will be a remote position with intermittent visits to customer location.  Responsibilities JBOSS - Install JBoss EAP on supported platforms (Linux, RHEL, Windows). - Configure in standalone or domain mode, depending on architecture needs. - Apply Red Hat-supported RPMs or ZIP installations and ensure compliance with licensing. - Deploy and manage Java EE applications (WAR/EAR) via: - Management CLI - Admin Console - Automation scripts (Ansible, shell) - Enable rolling deployments, hot deployment - Set up HTTPS/SSL with trusted certificates and secure keystores. - Enforce RBAC (Role-Based Access Control) using the management realm. - Configure security domains, JAAS, and Elytron security (modern Red Hat EAP security subsystem). - Manage key EAP subsystems: - Datasources (JDBC) - JMS (ActiveMQ Artemis) - Web (undertow) - EJB, JPA, JAX-RS, JTA, JNDI - Modify configurations via: - Management CLI - xml or domain.xml - JBoss Management API - Monitor JVM and application performance with tools like: - JConsole - JMC (Java Mission Control) - JBoss CLI - Tune JVM options, garbage collection, connection pools, and thread pools. - Analyze logs (server.log, boot.log) and configure log rotation and log levels. - Apply Red Hat-provided patches and updates using RHSM or offline methods. - Maintain backup procedures for: - Configuration files - Deployed apps - Domain/host controllers (in domain mode) - Prepare and test disaster recovery procedures and environment restoration. - Integrate JBoss EAP with: - Red Hat AMQ - Connect to external systems like databases, message brokers, or logging systems (ELK stack). - Maintain up-to-date documentation on: - Configuration changes - System architecture - Patching history - Implement audit logging and track changes for compliance. - Work with DevSecOps teams to ensure EAP adheres to security best practices. - Troubleshoot: - Deployment failures - Classloading conflicts - Transaction rollbacks - Application or subsystem crashes - Interface with Red Hat Support via the Customer Portal and create support cases when needed. - Automate tasks using: - Ansible (especially Red Hat Certified Collections) - JBoss CLI scripting - Shell/Python scripts - Integrate EAP deployments with CI/CD pipelines (Jenkins, GitLab, Tekton). - Support EAP clustering, session replication, and high availability. - Manage load balancing with Apache HTTPD, mod_cluster, or HAProxy. - Manage SSL certificates and domain configurations, ensure SSL certificates are renewed on a timely manner - Stay up-to-date with JBOSS releases and new features. - Execute, test and document upgrade procedures in lower and production environments    Artifactory - Deploy and configure Artifactory instances, ensuring they meet organizational requirements for scalability and high availability. - Tune Artifactory settings, implement caching strategies, and optimize storage solutions to enhance performance and scalability. - Utilize tools like Prometheus, Grafana, and JFrog Mission Control to monitor system health, set up alerts, and ensure continuous operation. - Define and manage user roles and permissions to control access to repositories and artifacts, ensuring security and compliance. - Integrate Artifactory with LDAP, SSO, or other authentication systems to streamline user management. - Integrate JFrog Xray with Artifactory to scan artifacts for security vulnerabilities and license compliance. - Implement fine-grained access control using users, groups, permissions, and permission targets. - Ensure that backups are encrypted and access-controlled to prevent unauthorized access to sensitive data. - Pipeline Integration: Integrate Artifactory with CI/CD tools like Jenkins, GitLab CI, and others to automate artifact storage and retrieval. - Implement processes to promote artifacts through different stages of the development lifecycle, such as development, staging, and production. - Develop scripts to automate routine tasks, such as repository cleanup and artifact promotion. - Set up and manage local, remote, virtual, and federated repositories to organize and control access to artifacts. - Regularly clean up repositories by removing obsolete artifacts and optimizing storage usage. - Configure repository replication and federated repositories to ensure consistent access to artifacts across geographically distributed teams. - Monitor the health and performance of Artifactory instances using integrated monitoring tools. - Generate reports on repository usage, artifact storage, and user activity to inform decision-making. - Set up proactive alerting mechanisms to detect and resolve issues promptly. Apply security patches and updates in a timely manner.   DevSecOps Engineering - Embed security checks into CI/CD pipelines (e.g., GitHub Actions, Jenkins, GitLab CI). - Automate code scanning, dependency scanning, and container image scanning. - Integrate tools like: - SAST (Static Application Security Testing) — e.g., SonarQube, Fortify - DAST (Dynamic Application Security Testing) — e.g., OWASP ZAP, Burp Suite - SCA (Software Composition Analysis) — e.g., Snyk, WhiteSource, Black Duck - Promote secure coding practices via developer training and secure coding guidelines. - Define and enforce security policies for app configuration, secrets, encryption, etc. - Use Infrastructure as Code (IaC) tools like Terraform or Ansible securely. - Scan IaC templates for misconfigurations (e.g., with Checkov, tfsec, Terrascan). - Secure cloud resources (AWS, Azure, GCP) using Cloud Security Posture Management (CSPM) tools. - Set up IAM policies, network segmentation, and encryption at rest/in transit. - Participate in threat modeling sessions with development teams. - Identify potential attack vectors in the architecture (e.g., privilege escalation, insecure APIs). - Prioritize and remediate identified risks based on severity and impact. - Monitor and manage vulnerabilities in: - Code - Containers - Dependencies - Infrastructure - Integrate tools like Trivy, Clair, Aqua, or Anchore into pipelines. - Track vulnerability metrics, triage findings, and enforce SLAs for remediation. - Harden container images using minimal base images and security scanning. - Enforce policies using tools like OPA/Gatekeeper, Kyverno, or PodSecurity Standards. - Configure Kubernetes RBAC, network policies, and secrets management. - Implement runtime protections with tools like Falco, Sysdig, or Kube-bench. - Develop custom scripts/tools for security automation (Python, Bash, Go). - Automate certificate management, secrets rotation, and access provisioning. - Maintain DevSecOps toolchains across dev, test, and prod environments. - Collaborate with development, QA, operations, and security teams. - Align with compliance standards (e.g., SOC 2, ISO 27001, PCI-DSS, HIPAA). - Define security policies, guardrails, and governance workflows. - Integrate security monitoring into observability platforms (e.g., ELK, Grafana, Splunk). - Enable SIEM and SOAR integrations for real-time threat detection and alerting. - Support incident response and forensics when security events occur. Qualifications - Bachelor’s degree with 12 years (or commensurate experience) Master’s degree and 7 years of experience. Required Skills and Experience - Experience with JBOSS, Java EE applications, Red Hat - In-depth knowledge of Artifactory - Proven experience with DevSecOps Engineering Clearance Required: Must be able to obtain and maintain AOUSC Public Trust   Preferred Skills and Experience - Masters degree Company Overview GovCIO is a team of transformers--people who are passionate about transforming government IT. Every day, we make a positive impact by delivering innovative IT services and solutions that improve how government agencies operate and serve our citizens. But we can't do it alone. We need great people to help us do great things - for our customers, our culture, and our ability to attract other great people. We are changing the face of government IT and building a workforce that fuels this mission. Are you ready to be a transformer?   What You Can Expect   Interview & Hiring Process If you are selected to move forward through the process, here’s what you can expect: - During the Interview Process - Virtual video interview conducted via video with the hiring manager and/or team - Camera must be on - A valid photo ID must be presented during each interview - During the Hiring Process - Enhanced Biometrics ID verification screening - Background check, to include: - Criminal history (past 7 years) - Verification of your highest level of education - Verification of your employment history (past 7 years), based on information provided in your application Employee Perks At GovCIO, we consistently hear that meaningful work and a collaborative team environment are two of the top reasons our employees enjoy working here. In addition, our employees have access to a range of perks and benefits to support their personal and professional well-being, beyond the standard company offered health benefits, including: - Employee Assistance Program (EAP) - Corporate Discounts - Learning & Development platform, to include certification preparation content - Training, Education and Certification Assistance* - Referral Bonus Program - Internal Mobility Program - Pet Insurance - Flexible Work Environment *Available to full-time employees   Our employees’ unique talents and contributions are the driving force behind our success in supporting our customers, which ultimately fuels the success of our company. Join us and be a part of a culture that invests in its people and prioritizes continuous enhancement of the employee experience.   We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, disability, or status as a protected veteran. EOE, including disability/vets.   Posted Pay Range The posted pay range, if referenced, reflects the range expected for this position at the commencement of employment, however, base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, education, experience, and internal equity. The total compensation package for this position may also include other compensation elements, to be discussed during the hiring process. If hired, employee will be in an “at-will position” and the GovCIO reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, GovCIO or individual department/team performance, and market factors. Posted Salary Range USD $145,000.00 - USD $155,000.00 /Yr.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description ARES is seeking a remote Aerospace Reliability Engineer to directly support the Orion Spacecraft team – NASA’s spacecraft designed for long-duration, human-rated deep space exploration, including Artemis missions to the Moon and beyond. Supporting Lockheed Martin's reliability engineering group, Orion and other critical programs, you'll contribute to mission success across the full lifecycle from concept through sustainment. - Developing reliability and maintainability predictions using industry-standard methodologies (e.g., MIL-HDBK-217, empirical data) for electrical/electronic assemblies, systems, and support equipment. - Performing Failure Modes and Effects Analysis (FMEA) and Failure Mode, Effects, and Criticality Analysis (FMECA) at schematic/piece-part and interface levels. - Supporting design reviews by presenting reliability analyses and results to program management and NASA/customer stakeholders. - Reviewing discrepancy reports, supporting failure review boards, and providing electronics piece-part reliability expertise (including drawing reviews and parts control). - Assisting failure investigation teams, developing probabilistic assessments from root cause analyses of test anomalies/failures, and conducting system-level severity/likelihood evaluations. - Collaborating with cross-functional teams (design engineers, suppliers, quality, production, program management, and customers) to integrate reliability into Orion spacecraft development. - Creating technical reports, presentations, and supporting documentation. Qualifications - Bachelor's degree in Engineering (Aerospace, Electrical, Mechanical, Systems, or related technical field) or equivalent experience/combined education. - Experience with aerospace reliability engineering principles and practices. - Experience in aerospace or related high-reliability industries. Requirements - 2–12 years of relevant experience in reliability engineering, electrical engineering, or aerospace systems (early to mid-career level). - Knowledge of probability/statistics, mathematical modeling, and reliability prediction methods. - Hands-on experience with FMEA/FMECA processes, FRACAS, or parts engineering/MIL-PRF screening. - Background in aerospace/missile/spacecraft programs. - Familiarity with electrical circuit analysis, schematics, simulation tools, environmental/reliability testing, or systems engineering/integration. - Strong analytical and problem-solving skills with attention to detail. - Excellent technical writing and verbal communication for reports, presentations, and customer interactions. - Ability to thrive in a team-based environment. Benefits - Medical Insurance - Dental Insurance - Vision Insurance - HSA/FSA Accounts - Life & Disability Insurance - Critical Illness & Accident Insurance - 401(k) Plan - Paid Time Off & Holidays

Company Description At Konecranes, we believe that great customer experience is built on the people behind the Konecranes name. Everything we do, we do with passion and drive. We believe diversity drives business success and is the foundation for our growth. We welcome different backgrounds and skills that enrich our community, and we promote a place where we can ALL be ourselves. This is what makes Konecranes a unique place to work. Job Description POSITION SUMMARY The Site Support Manager plays a critical role in supporting site activities throughout the planning, execution, and warranty phases of a project. This position focuses on providing site support, resolving complex or high-profile site challenges, and partnering closely with Project Managers and cross-functional teams to ensure successful outcomes. As a technical resource and collaborator, the Site Support Manager helps drive timely, effective resolutions to customer issues while contributing to the continuous improvement of our site processes and overall customer experience. This role is expected to leverage available resources, foster teamwork, and support long-term improvements that strengthen customer confidence and satisfaction. The customer experience throughout the order execution phase is a key competitive advantage. As a member of the Project Management organization, the Site Support Manager plays an influential role in shaping that experience by minimizing disruption in complex situations, strengthening technical execution, and supporting the development of critical site resources. This position directly contributes to Konecranes’ ability to deliver consistent, industry-leading customer experiences. RESPONSIBILITIES: - Support Project Management, and other ICP team members, as a subject matter expert - Lead and coordinate problem-solving efforts for complex technical and site-related issues during project execution and throughout the warranty period - Act as a site supervisor when needed, coordinating resources and providing on-site leadership and support - Collaborate with installation subcontractors to support their technical development and performance - Participation in continuous improvement efforts with sub-contractor network - Provide technical mentorship for the Project Management team members - Foster internal relationships with important partner groups and individuals - Perform other duties as assigned. Qualifications REQUIRED SKILLS & COMPETENCIES: - Have strong technical skills and a desire to understand our products and processes. EDUCATION & EXPERIENCE: - 10+ years of Overhead Crane or related industrial experience - Proven experience in site management in an industrial or construction environment - Hands-on experience with overhead crane installation and commissioning; or related similar construction experience is required. OTHER REQUIREMENTS: - 50%-75% travel required. Additional Information What we offer: Benefits: Medical Plan, Dental, Vision, 401k plan with a match from day one, identity theft protection, accident insurance, travel insurance and so much more! Vacation: 2 weeks of vacation per year (pro-rated for the first year depending on start date). 5-12 years of service, 3 weeks. 13+ years of service, 4 weeks. Sick Leave: 5 days of Sick Leave per year. Pro-rated the first year after 90 days of service Holidays: 10 paid holidays per year Konecranes moves what matters. Konecranes is a global leader in material handling solutions, serving a broad range of customers across multiple industries. We consistently set the industry benchmark, from everyday improvements to the breakthroughs at moments that matter most, because we know we can always find a safer, more productive and sustainable way. That's why, with 16 000+ professionals in over 50 countries, we are trusted every day to lift, handle and move what the world needs. Konecranes is committed to ensuring that all employees and job applicants are treated fairly in an environment which is free from any form of discrimination. We are an Equal Opportunity Employer - Minorities/Women/Protected Veterans/Disabled/Other Protected Category. Konecranes, Inc. and its affiliates will not accept resumes from external recruiters or agencies without a Service Agreement and Agency Portal submission. Any resumes sent without a Service Agreement and Agency Portal submission with Konecranes, Inc. are void of any fees and free for internal use. Applicable Konecranes data protection obligations are the responsibility of the agency. - Job Category: Please select - Employee Group: Employee - Employment Type: Undefined term - Full-time/part-time position: Full-time - Workplace Type: Remote - Compensation: USD 76670 - USD 95840 - yearly