Job Summary
One of the main barriers to the efficient development of capabilities at SECRET (network) is the difficultly of transferring code and software packages from lower classification environments. This often requires manually downloading from the lower classification environment, sheep-dipping and uploading them to a new repository on the SECRET side.
Certain technologies are available that could automate this process whilst meeting security requirements. For example, a developer would request the package through an artefact repository and if it is not available, the package could be downloaded from an approved repository and transported securely to the higher classification network in near real-time.
There are multiple existing COTS technologies that could be used to support this functionality - it is envisaged that any solution would use these capabilities rather than creating anything highly bespoke.
Responsibilities & Duties
We are looking for a skilled Secure Automation Developer to join our IT Security and Automation team. The successful candidate will be responsible for developing and implementing automated processes to securely manage artefact repositories and ensure seamless package delivery across different classification networks. This role requires a strong understanding of security protocols, automation technologies, and software development.
Essential Skills
- Bachelor’s or Master’s degree in Computer Science, Information Technology, or a related field.
- Minimum of 8+ years of experience in automation development, IT security, or a related field.
- Technical Skills:
- Proficiency in automation tools and technologies (e.g., Ansible, Jenkins, Puppet).
- Strong programming skills in languages such as Python, Java, or Shell scripting.
- Experience with artefact repository management tools (e.g., Nexus, Artifactory).
- Knowledge of secure data transport protocols and encryption methods.
- Software Requirements:
- Ansible: For configuration management and automation.
- Jenkins: For continuous integration and continuous deployment (CI/CD) pipelines.
- Puppet: For infrastructure automation and management.
- Python/Java: For developing custom automation scripts and tools.
- Nexus/Artifactory: For managing artefact repositories.
- OpenSSL: For implementing secure data transport and encryption.
- Docker/Kubernetes: For containerization and orchestration of applications.
- Excellent analytical and problem-solving skills with the ability to troubleshoot complex systems.
- Strong written and verbal communication skills, with the ability to convey technical information clearly. Excellent verbal and written communication skills, with the ability to explain technical concepts to non-technical stakeholders.
Nice To Have Skills
- Experience with cloud platforms and services (e.g., AWS).
- Familiarity with DevSecOps practices and principles.
- Knowledge of network security and firewall configurations.
Background Check Required
BPSS minimum security clearance
Project Budget
- Budget – Day Rate: £ 525.00/Day plus VAT (Milestone based Payment)
- Expenses Allowed: No
- Extension: No
- Language: Fluent in English.
- Outside of IR35 regulation.
Payment Mechanism
Based on
commercial closure report prepared by the consultant and approved by the customer after formal acceptance of all deliverables.
Profile submission criteria
- Updated Resume in MS Word format
- Consultant must work as freelancer having his/her own VAT, Tax & Bank Account.
- Must have his/her own high speed internet connection, reasonably latest laptop with all necessary standard software licenses as the assignment has to be executed remotely from his/her residence.
Profile shortlisting criteria
- Signing off Consent letter for Right to Represent the consultant.
- Minimum three project details related to the proposed engagement.
- Minimum three professional references with email.
- Technical approach
Consultant must outline his/her approach to meet the technical requirement and produce the deliverables based on high level project plan to be shared with the shortlisted consultants only. (Maximum 1 pages in MS-WORD including any diagram if required)
Consultant must highlight his/her plan to prepare the deliverables including any milestones, any dependencies, any expectations from customer i.e., access to tool/platform/data etc. (Maximum 1 page (MS-WORD) including any diagram if required)