Computer Technologies Consultants (CTC) is seeking a
DevSecOps Engineer to support the Congressional Budget Office (CBO) in Washington, DC.
Why Should You Be Interested?
- Direct hire full-time position
- Competitive base salary and comprehensive benefits
- Mid-size company with room for growth
Position Title:
DevSecOps EngineerPosition Location: On-site - Washington, DC
Daily Responsibilities:- Integrate with Agency's engineering team, build upon established procedures and guidelines, and contribute across infrastructure automation, CI/CD pipeline capabilities, container orchestration, and security-hardened delivery practices.
- Maintain, extend, and improve existing Terraform and OpenTofu codebases used to provision and manage Agency's cloud and hybrid infrastructure.
- Develop and maintain Ansible playbooks and roles to automate system configuration, compliance enforcement, patch management, and application deployment across Agency's server and network infrastructure.
- Build, maintain, and improve GitHub Actions workflows to automate build, test, security scanning, and deployment processes for Agency software and infrastructure pipelines.
- Support containerized application delivery using Docker for image builds and Kubernetes for orchestration.
- Integrate security practices throughout the software delivery lifecycle, including SAST/DAST scanning, CIS benchmarks, Agency security baselines, NIST SP 800-53, FISMA compliance requirements, and audit/assessment documentation.
- Work within Agency's established version control, change management, peer review, documentation, and security policy workflows.
- Attend applicable stand-ups, sprint planning, and technical review sessions.
Required Years of Experience (min):
- Five years relevant experience
Required Degree/Certifications:
- Bachelor's degree or equivalent experience
Required Experience & Expertise in the following areas:
- Infrastructure as Code: Hands-on experience with Terraform and OpenTofu, including module development, remote state management, and workspace management.
- Configuration as Code: Proficiency with Ansible, including playbook and role development, dynamic inventories, and Ansible Vault for secrets management.
- CI/CD: Demonstrated experience designing and maintaining GitHub Actions workflows, including reusable workflows, matrix builds, and security gate integration.
- Containers: Working knowledge of Docker image authoring and hardening, Kubernetes manifest and Helm chart management, and container security scanning tools (e.g., Trivy, Grype, or equivalent).
- Security Integration: Familiarity with SAST tools (e.g., Semgrep, Checkov, tfsec), secrets scanning (e.g., Gitleaks, Detect-Secrets), and policy-as-code frameworks (e.g., OPA/Rego).
- Version Control: Proficiency with Git-based workflows including branching strategies, pull request reviews, and protected branch enforcement.
Preferred skills: - Experience in a federal or highly regulated environment
- Familiarity with NIST SP 800-53, FISMA, and FedRAMP compliance requirements
- Cloud platform experience (AWS)
- Experience with secrets management tools (e.g., HashiCorp Vault)
- Scripting proficiency in Python and Bash
Required Clearance:
- Public Trust Tier 2 clearance level and background check.
Pay InformationFull-Time Salary Range: $125k++
Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.