Job Information
SciTec Staff / Sr Staff Cybersecurity Engineer in Boulder, Colorado
Responsibilities
- Stay up to date with the latest revisions of NIST RMF and develop/update policy documents as needed
- Document and implement security of the Continuous Integration (CI) pipelines in GitLab CI/CD using JFrog Artifactory, SonarQube, and Ansible
- Develop threat models and other required documentation that describe end-to-end security of the SDLC
- Manage integration, security scanning, and deployment security of multiple applications into orchestrated frameworks
- Ensure software promotions comply with government security policies at all classification levels
- Manage AWS (GovCloud) security to maintain integrity of software artifacts
- Other duties as assigned.
Requirements
- Bachelor's degree in cybersecurity, computer science, engineering, mathematics, or physical sciences
- At least two years of professional experience building and executing DevOps or DevSecOps solutions using Continuous Integration / Continuous Deployment (CI/CD)
- Demonstrated experience in NIST RMF, CMMC, and STIG compliance
- Demonstrated experience in applying security best practices to containerized solutions and orchestration frameworks such as Docker, Podman, Kubernetes, etc.
- Demonstrated experience ensuring cybersecurity protocols are followed in development, test, and production environments
- Knowledge of different types of software licenses (Public Domain, LGPL, Permissive, Copyleft, Proprietary)
- The ability to obtain and maintain a DoD security clearance
- Ability to work 100% on-site
- Detail oriented
- Good verbal and written communication skills
Candidates who have any of the following skills will be preferred:
- Demonstrated experience with static and dynamic analysis tools
- Demonstrated experience with software package artifact management using JFrog Artifactory, Nexus or similar
- Experience with software vulnerability assessment and remediation using SAST/DAST and tools like SonarQube
- Experience with Python3 or C++
- Experience with container security tools such as Grype, Syft, Snyk, etc.
- Systems and service administration in a Linux environment, including the installation and maintenance of applications supporting CI/CD like GitLab, etc.
*Resumes, Cover Letters, and Applications which are generated by AI will not be considered for employment.
Colorado Residents: In any materials you submit, you may redact or remove age-identifying information such as age, date of birth, or dates of school attendance or graduation. You will not be penalized for redacting or removing this information.
Benefits
SciTec offers a highly competitive salary and benefits package, including:
- 4% Safe Harbor 401(k) match
- 100% company paid HSA Medical insurance, with a choice of 2 buy-up options
- 80% company paid Dental insurance
- 100% company paid Vision insurance
- 100% company paid Life insurance
- 100% company paid Long-term Disability insurance
- Short-term Disability insurance
- Annual Profit-Sharing Plan
- Discretionary Performance Bonus
- Paid Parental Leave
- Generous Paid Time Off, including Holiday, Vacation, and Sick Pay
- Flexible work hours
The pay range for this position is $98,000 - $146,000 / year. SciTec considers several factors when extending an offer of employment, including but not limited to the role and associated responsibilities, a candidate's work experience, education/training, and key skills. This is not a guarantee of compensation.
SciTec is proud to be an Equal Opportunity employer. VET/Disabled.