Requisition ID: 1781

Standard Weekly Hours: 40.00

Location: ULA - Denver

Relocation: Yes- Relocation may be available

Travel Requirements: None/Infrequent

Job Overview & Responsibilities

At ULA, our mission success depends on a secure, reliable, and high-performing software development ecosystem. As a CI/CD Infrastructure Software Engineer specializing in AppSec and Operations, you will play a critical role in maintaining and advancing ULA's core CI/CD toolchain, including GitLab, Artifactory, XRay, and SonarQube. In this role, you will support tool uptime, execute security scanning workflows, troubleshoot pipeline and runner issues, and ensure that ULA's development environment meets rigorous audit, compliance, and reliability standards. You will partner across Software Engineering, Cybersecurity, and Cloud teams to strengthen secure coding practices and deliver stable, mission-aligned development infrastructure that enables engineers to build with confidence.

Core Technical Competencies:

CI/CD Infrastructure & Tooling

• Experience supporting and operating on-prem and cloud based Continuous Integration / Continuous Deployment (CI/CD) platforms, including:
  • JFrog Artifactory lifecycle management and repository governance
  • JFrog XRay scanning management and policy enforcement
  • SonarQube configuration, ruleset updates, and remediation workflows
  • GitLab runners, permissions, and basic pipeline troubleshooting

Application Security (AppSec) Foundations

• Understanding of secure coding concepts, static analysis, dependency scanning, Common Vulnerabilities and Exposures (CVE) identification, and application security remediation workflows.
• Ability to execute scanning routines, analyze findings, open remediation tasks, and support the secure coding dashboard & remediation cycle.

Cloud & Containerization Familiarity

• Basic hands-on experience with Amazon Web Services (AWS) core services, especially those relevant to CI/CD and scanning pipelines (S3, IAM, EC2/EKS).
• Familiarity with Kubernetes concepts and supporting Kubernetes based workloads.

Infrastructure as Code & Automation

• Foundational experience with Infrastructure as Code (IaC) or automation tooling such as Terraform, Ansible, Bash/Python scripting.
• Ability to follow established IaC patterns to support CI/CD infrastructure updates, maintenance tasks, and access configurations.

Operational Responsibilities:

Platform Operations

• Perform day-to-day operations for CI/CD tools (Artifactory/XRay/SonarQube/GitLab) including:
  • User access, permission updates, and audit support
  • Backup/restore tasks
  • Monitoring, alert response, and system health checks
  • Package and artifact lifecycle management
• Support quarterly upgrade cycles, configuration fixes, and stability improvements.

Security Scanning & Remediation Support

• Execute routine security scans across tools and pipelines.
• Review, triage, and escalating CVE or policy violations.
• Assist SWE teams in interpreting scanner reports and preparing remediation tasks.

Pipeline Support

• Assist CI/CD engineers and developers with pipeline break/fix issues.
• Maintain reliable builds for Software Engineering Teams by supporting artifact availability, scanner health, and GitLab runner readiness.

Compliance & Documentation

• Participate in Cybersecurity Maturity Model Certification (CMMC) and National Institute of Standards and Technology (NIST) related remediation work through accurate documentation, required evidence capture, and execution of recurring security activities.

Collaboration & Communication Expectations

• Work closely with senior engineers, including members of Cloud, CI/CD Infrastructure, and CI/CD Pipelines, on shared engineering tasks.
• Provide timely support to Software Engineering Teams during migrations, scanning cycles, or code delivery events.
• Communicate clearly with cross-functional teams.

Required Education

Bachelor

Required Years of Experience

Minimum of 4 years of related work experience

Basic Qualifications

• Four years of directly related exempt work experience may be used to satisfy the bachelor's degree requirement
• 4+ years of experience in DevOps, Cloud Engineering, Application Security (AppSec), or Software Engineering
• Experience supporting production CI/CD systems or DevSecOps workflows
• Hands-on experience with the following: GitLab, Artifactory, SonarQube, or security scanning tools
• Intermediate understanding of software build pipelines, package repositories, and code quality concepts
• Familiarity with AWS fundamentals and containerization concepts (Docker/Kubernetes)
• Ability to follow runbooks, execute operational tasks reliably, and document changes clearly
• Exposure to security frameworks or audit-driven engineering tasks
• Mid-to-senior level experience with Terraform or another IaC tool

Preferred Qualifications

• Bachelor's degree in a STEM (Science, Technology, Engineering, Mathematics) field from an accredited college or university
• Interest in automation, efficiency improvements, and evolving CI/CD and AppSec capability
• Any of the following certificates is a plus:
  • AWS Cloud Practitioner
  • AWS Solutions Architect (Associate level)
  • CKA - Certified Kubernetes Admin

Summary Salary Range (for ULA - Denveronly): $113,122.00 - $188,537.00

Please note that the salary information shown above is a general guideline only. Salaries are based upon a candidate's experience and qualifications, as well as internal equity, market and business considerations. Employees may be eligible for a discretionary annual bonus in addition to base pay.

We offer our employees competitive pay and benefits including:

• 401(k) match plus an additional employer contribution
• Discretionary annual incentive bonus for eligible employees
• Generous paid time off
• Flexible work environments

Additionally, most salaried ULA team members work a "9/80 schedule," meaning they enjoy every other Friday off.

Benefits and work schedules may vary for union-represented hourly positions and are described in the applicable collective bargaining agreement.

The application period for the job is estimated to be 20 days from the job posting date. However, this timeline may be shortened or extended depending on business needs and the availability of qualified candidates.