Role : DevOps Security Engineer ( US citizen)Location : Ogden, UTAH, 100% Onsite role. NO REMOTEUS Citizens only with active clearance REQUIREDBlue Yonder Defense Solutions (BYDS) is seeking a DevSecOps Engineer to help integrate security practices into our software development and DevOps processes. This role will work closely with development, QA, and operations teams to build and maintain secure CI/CD pipelines, automate security testing, and ensure our platforms and applications meet enterprise security standards.
The ideal candidate is passionate about automation, cloud-native security, and secure software delivery, and has experience embedding security into modern DevOps environments.
Primary Duties and ResponsibilitiesDevSecOps Implementation- Design and implement security controls within CI/CD pipelines to ensure secure software delivery.
- Integrate automated security testing tools such as SAST, DAST, SCA, and container scanning.
- Embed security checks into build and deployment processes to identify vulnerabilities early in the SDLC.
Platform & Infrastructure Security- Work with DevOps teams to secure cloud infrastructure, containers, and Kubernetes environments.
- Implement Infrastructure-as-Code security scanning and policy enforcement.
Automation & Tooling- Develop automation scripts and integrations to support security workflows.
- Maintain and enhance CI/CD platforms and pipeline security tooling.
- Integrate vulnerability management tools with development workflows.
Collaboration- Partner with developers and QA teams to promote secure coding practices.
- Assist engineering teams in remediating vulnerabilities identified during testing and scanning.
- Collaborate with internal and customer security teams to implement organizational security standards.
Compliance & Governance- Support security compliance requirements such as SOC2, FedRAMP, or DoD security standards where applicable.
- Assist with security audits and vulnerability remediation tracking.
- Help maintain documentation of DevSecOps processes and controls.
Required Qualifications- 3-6 years of experience in DevOps, DevSecOps, or security engineering.
- Experience building and maintaining CI/CD pipelines (GitHub Actions, Jenkins, GitLab CI, or similar).
- Familiarity with cloud platforms such as AWS, Azure, or GCP.
- Experience with container technologies (Docker, Kubernetes).
- Understanding of secure software development lifecycle (SSDLC) practices.
- Experience integrating security tools such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), Container vulnerability scanning
- Scripting experience (Python, Bash, or similar).
- Familiarity with Infrastructure as Code tools (Ansible, Terraform, CloudFormation, etc.).
Preferred Qualifications- Experience implementing DevSecOps practices in enterprise software environments.
- Knowledge of container and Kubernetes security best practices.
- Experience with secrets management solutions (Vault, AWS Secrets Manager, Azure Key Vault).
- Familiarity with security frameworks such as NIST, CIS Benchmarks, OWASP Top 10
- Experience supporting government or regulated environments (FedRAMP, DoD Impact Levels, etc.).
- Security certifications such as Security+, CISSP (associate level), Certified Kubernetes Security Specialist (CKS)
Key Skills- DevSecOps and secure SDLC
- CI/CD automation
- Cloud security
- Container and Kubernetes security
- Vulnerability management
- Infrastructure as Code
- Security tooling integration
Additional Skills- Must be well versed in working with a diverse group of stakeholders - business analysts, solution architects, technical managers, developers, QA, customer IT
• Excellent communication (verbal and written) and interpersonal skills
- Ability to work while embedded in customers' teams remotely
• High degree of initiative and ownership to take a task and own it from inception to completion
The salary range information provided, reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual salary will be commensurate with skills, experience, certifications or licenses and other relevant factors. In addition, this role will be eligible to participate in either the annual performance bonus or commission program, determined by the nature of the position.
At Blue Yonder, we care about the wellbeing of our employees and those most important to them. This is reflected in our robust benefits package and options that includes:
- Comprehensive Medical, Dental and Vision
- 401K with Matching
- Flexible Time Off
- Corporate Fitness Program
- A variety of voluntary benefits such as; Legal Plans, Accident and Hospital Indemnity, Pet Insurance and much more
