DevOps Engineer 2

Solicitation Reference Number

Customer Name

Texas Comptroller of Public Accounts

Category

Applications / Software Development

Customer Entity Name

Comptroller of Public Accounts

Title

DevOps Engineer

Level

DevOps Engineer

Estimated Hours

SSR Status

Posted

Number of Positions

Status

Resumes Allowed

Candidates Submitted

Full / Part Time

Full Time

IT STAFFING SERVICES SOLICITATION UNDER

DEPARTMENT OF INFORMATION RESOURCES

IT STAFF AUGMENTATION CONTRACT (ITSAC)

RFO DIR-CPO-TMP-

Solicitation Reference Number : Working Title : DevSecOps Engineer Title / Level : DevOps Engineer Category : Applications / Software Development Full Time

I. DESCRIPTION OF SERVICES

Texas Comptroller of Public Accounts requires the services of DevOps Engineer , hereafter referred to as Candidate(s), who meets the general qualifications of DevOps Engineer , Applications / Software Development and the specifications outlined in this document for the Texas Comptroller of Public Accounts .

All work products resulting from the project shall be considered "works made for hire " and are the property of the Texas Comptroller of Public Accounts and may include pre-selection requirements that potential Vendors (and their Candidates) submit to and satisfy criminal background checks as authorized by Texas law.

Texas Comptroller of Public Accounts will pay no fees for interviews or discussions, which occur during the process of selecting a Candidate(s).

The Worker will perform highly advanced DevOps related work as part of a cross-functional team under the direction and guidance of the Shared Application Services manager.

The Worker must have strong hands-on professional software development and / or IT operations experience building, testing, and deploying secure production applications and systems using continuous integration and continuous delivery / deployment (CI / CD) pipelines in a large-scale enterprise environment.

The worker will be responsible for designing, building, and maintaining our CI / CD pipelines, monitoring applications and infrastructure for performance issues, and conducting regular assessments to ensure systems are performing optimally.

The worker will also provide training on DevOps practices and stay updated on latest technologies. They should have expertise in a variety of DevOps tools, knowledge of DevOps automation, and strong experience with Linux administration, containerization technologies, and microservices architecture.

The worker is expected to proactively address potential security risks and performance issues to ensure the security, stability, and efficiency of our CI / CD pipelines.

CPA will require the Worker to work on the following initiatives and will perform advanced tasks such as :

• CI / CD Modernization and automation of the entire pipeline from code check-in to deployment utilizing industry best practices such as Infrastructure as Code (IaC), Configuration as Code (GitOps), and Blue-Green and Canary Deployment Strategies.
• Implement "Shift Left " security approach by integrating security tools and automating security checks and compliance into the CI / CD pipeline.
• Monitoring and Observability to provide comprehensive monitoring, logging, and alerting for the CI / CD pipeline.
• Participating in all phases of SDLC.
• Performing extensive code reviews and analysis.
• Writing reports on code analysis to determine if industry standards and secure coding best practices are being followed;

provide analysis to address found short comings.

Providing guidance and knowledge sharing to existing development staff.

Number of Resumes allowed per Vendor :

II. CANDIDATE SKILLS AND QUALIFICATIONS Minimum Requirements :

Candidates that do not meet or exceed the minimum stated requirements (skills / experience) will be displayed to customers but may not be chosen for this opportunity.

Years Required / Preferred Experience Required Professional experience in DevOps engineering, Software Development, or related field Required Experience with programming languages such as Java and .

NET Required Experience with scripting languages such as Bash, Python, and PowerShell to automate repetitive tasks such as monitoring, deployments, and configuration management Required Experience setting up and managing Jenkins servers, creating and maintaining CI / CD pipelines, integrating with other tools (, Git, Maven, SonarQube), writing Groovy scripts for pipeline automation, and monitoring and optimizing Jenkins performance.

Required Experience with Infrastructure as Code tools like Ansible, Terraform, or Chef Required Experience with containerization and orchestration tools such as Docker and Kubernetes Required Experience with automation of infrastructure provisioning and configuration management Required Experience with Maven in building and managing Java projects, maintaining POM files, troubleshooting build issues, dependency management and versioning, and integrating with CI / CD pipelines Required Experience with Artifactory set up, configuration, managing binary repositories, integrating with build tools (, Maven and Jenkins), managing artifact lifecycle and versioning, and implementing security and access controls.

Required Experience with microservices architecture, design, development and containerization and orchestration Required Experience with SQL and NoSQL databases Required Experience designing, developing, testing, integrating, and implementing secure REST APIs Required Experience with code reviews and in-depth code analysis Required Experience with highly complex application security requirements Required Experience with Git, Bitbucket, Subversion and version control systems Required Experience with SonarQube set up, configuration, integrating with CI / CD pipelines, and analyzing code quality and security vulnerabilities Required Experience with Jira and Confluence Required Experience with Agile teams Required Experience with coaching, training, mentoring and knowledge transfer Preferred Experience in Cybersecurity and implementing and automating security best practices into CI / CD pipelines Preferred Experience with security testing tools such as SAST, DAST, or IAST Preferred Experience with cloud technologies and platforms such as AWS and Azure Preferred Experience working with legacy applications / services Preferred Experience in modern web technologies such as JavaScript, , , Redux, HTML, CSS Preferred Public sector experience (Federal, State or Local Government) Preferred Proficient with the Microsoft Office products, including Outlook, TEAMS, Microsoft Project, Word, Visio, Excel and PowerPoint

III. TERMS OF SERVICE

Services are expected to start / / and are expected to complete by / / . Total estimated hours per Candidate shall not exceed hours.

This service may be amended, renewed, and / or extended providing both parties agree to do so in writing.

IV. WORK HOURS AND LOCATION

Services shall be provided during normal business hours unless otherwise coordinated through the Texas Comptroller of Public Accounts .

Normal business hours are Monday through Friday from : AM to : PM , excluding State holidays when the agency is closed.

The primary work location(s) will be at E th Street Austin, Texas . The working position is Hybrid - On Site and Telework .

Any and all travel, per diem, parking, and / or living expenses shall be at the Candidate's and / or Vendor's expense. Texas Comptroller of Public Accounts will provide pre-approved, written authorization for travel for any services to be performed away from the primary work location(s).

Pre-approved travel expenses are limited to the rates and comply with the rules prescribed by the State of Texas for travel by its classified employees, including any requirement for original receipts.

The Candidate(s) may be required to work outside the normal business hours on weekends, evenings and holidays, as requested.

Payment for work over hours will be at the hourly rate quoted and must be coordinated and pre-approved through Texas Comptroller of Public Accounts .

V. OTHER SPECIAL REQUIREMENTS

Must be able to :

• develop and maintain CI / CD pipelines and automate building, testing, and deployment of software applications.
• collaborate effectively with software engineers, operations staff, security teams, testers, and various stakeholders to identify and implement "shift left " security measures and best practices in the CI / CD pipelines.
• design, test, and implement secure software development practices and standards in the CI / CD pipelines.
• continuously monitor applications and infrastructure for security vulnerabilities and performance issues and coordinate remediation efforts.
• troubleshoot and resolve issues in the CI / CD pipelines to minimize downtime and limit impact to developers and stakeholders
• participate in incident response and troubleshooting sessions.
• In coordination and alignment with Information Security Office, document and communicate security procedures and policies.
• stay abreast of new technologies, industry standards and best practices, and integrate them into the pipeline architecture and design where applicable.
• be productive working independently or in a team environment (both local and remote) with minimal supervision.

Must possess :

• knowledge of DevSecOps methodologies, concepts, and practices
• knowledge of DevOps Automation
• comprehensive technical expertise in a variety of DevOps tools, including Ansible, Jenkins, Maven, Artifactory, SonarQube, Xray, Checkmarx, Jira, BitBucket, Subversion, Git / Version Control Software, or comparable technologies.
• familiarity with information security frameworks and standards such as NIST and OWASP Top .
• strong understanding of Linux administration and scripting languages (, PowerShell, Bash, Python)
• experience with microservices architecture and cloud-native development.
• experience with containerization and orchestration technologies like Docker and Kubernetes.
• strong written, verbal, and interpersonal communication skills.
• strong problem-solving skills and ability to multi-task with readiness to put in extra effort when necessary
• the willingness to learn

Must perform other related work as assigned

On-call Requirement : Worker may be required to provide support to an on-call programmer.