AQA Mobile Application Tester IRC274056

GlobalLogic

  • Львов
  • Постоянная работа
  • Полная занятость
  • 1 д. назад
DescriptionGL Healthcare Division Program is looking for a DevOps Engineer to join the team focused on FedRamp certification of the mission-critical medical data processing system.We have a trustworthy relationship with the Client, a multi-national MedTech corporation we have been cooperating with for 20 years.RequirementsSkillset Requirements:
  • AWS: EC2, ECS, Lambda, DynamoDB, SSM, IAM, RDS, KMS, VPC, GuardDuty, Security Hub, AWS Config, CloudTrail
  • Security Tools: Orca Security (Gov), Tenable One (Gov), CrowdStrike (Gov), Datadog (Gov)
  • Hardening: DISA STIG, CIS Benchmarks, container image scanning (e.g., RapidFort)
  • Automation: Terraform, CloudFormation, GitHub Actions or similar CI/CD, Ansible (optional)
  • SSP Support: Ability to generate technical evidence, screenshots, and system descriptions.
Nice to have: * FedRAMP Awareness: Experience with FedRAMP Moderate/High controls, boundary isolation, FIPS-validated toolsJob responsibilitiesThe DevOps Engineer will be responsible for designing, deploying, and hardening AWS GovCloud infrastructure to meet FedRAMP Moderate requirements. This role will work closely with the FORCE team, compliance analysts, and tool vendors to ensure security controls are implemented correctly, documented properly, and ready for 3PAO audit evidence collection. The engineer will also support tool integrations (CSPM, logging, endpoint protection) and enforce secure-by-default configurations using IaC and automation.Example Responsibilities:
  • Provision and configure AWS GovCloud infrastructure using Terraform:
  • Deploy SSM-managed EC2 instances with FIPS mode enabled
  • Set up GovCloud-native services: IAM, VPC, RDS, KMS, S3, Security Hub, GuardDuty
  • Implement least privilege IAM policies and secure networking (NACLs, SGs)
  • Support Docker and Windows OS hardening:
  • Integrate container scanning with RapidFort for base image hardening
  • Build EC2 Image Builder pipeline or Ansible-based automation to apply Windows Server 2022 DISA STIGs
  • Validate hardened AMIs and Docker images in LIFENET test environment
  • Deploy and validate FedRAMP-required tools:
  • Onboard AWS accounts into Orca Security (Gov)
  • Integrate scanning into CI/CD pipeline for infrastructure and app layers
  • Configure CrowdStrike Falcon (Gov) for endpoint protection and FIM coverage on EC2
  • Implement centralized logging and monitoring in GovCloud:
  • Deploy and configure Datadog (GovCloud) to collect OS logs, metrics, and audit events
  • Ensure all services are using FIPS-compliant agents and TLS 1.2+ encryption
  • Integrate with AWS-native logging (CloudTrail, Config, CloudWatch) for full visibility
  • Support security control testing and SSP documentation efforts:
  • Assist compliance analyst with generating technical evidence (screenshots, config exports)
  • Validate security control implementations for MFA, encryption in transit/at rest, boundary isolation
  • Document boundary architecture changes and contribute to Coalfire SSP artifact collection.
What we offerCulture of caring. At GlobalLogic, we prioritize a culture of caring. Across every region and department, at every level, we consistently put people first. From day one, you'll experience an inclusive culture of acceptance and belonging, where you'll have the chance to build meaningful connections with collaborative teammates, supportive managers, and compassionate leaders.Learning and development. We are committed to your continuous learning and development. You'll learn and grow daily in an environment with many opportunities to try new things, sharpen your skills, and advance your career at GlobalLogic. With our Career Navigator tool as just one example, GlobalLogic offers a rich array of programs, training curricula, and hands-on opportunities to grow personally and professionally.Interesting & meaningful work. GlobalLogic is known for engineering impact for and with clients around the world. As part of our team, you'll have the chance to work on projects that matter. Each is a unique opportunity to engage your curiosity and creative problem-solving skills as you help clients reimagine what's possible and bring new solutions to market. In the process, you'll have the privilege of working on some of the most cutting-edge and impactful solutions shaping the world today.Balance and flexibility. We believe in the importance of balance and flexibility. With many functional career areas, roles, and work arrangements, you can explore ways of achieving the perfect balance between your work and life. Your life extends beyond the office, and we always do our best to help you integrate and balance the best of work and life, having fun along the way!High-trust organization. We are a high-trust organization where integrity is key. By joining GlobalLogic, you're placing your trust in a safe, reliable, and ethical global company. Integrity and trust are a cornerstone of our value proposition to our employees and clients. You will find truthfulness, candor, and integrity in everything we do.About GlobalLogicGlobalLogic, a Hitachi Group Company, is a trusted digital engineering partner to the world's largest and most forward-thinking companies. Since 2000, we've been at the forefront of the digital revolution - helping create some of the most innovative and widely used digital products and experiences. Today we continue to collaborate with clients in transforming businesses and redefining industries through intelligent products, platforms, and services.

GlobalLogic