DevSecOps EngineerPosition OverviewThe DevSecOps Engineer will be responsible for designing, implementing, and maintaining secure software delivery pipelines, infrastructure automation, containerized environments, and cloud-native engineering solutions. The ideal candidate will possess expertise in DevOps automation, Infrastructure as Code (IaC), CI/CD pipelines, cloud technologies, and security integration throughout the software development lifecycle.
Responsibilities- Design, develop, and maintain secure CI/CD pipelines supporting enterprise applications
- Develop and manage Infrastructure as Code (IaC) solutions using Terraform, OpenTofu, or similar technologies
- Build and support containerized environments using Docker and Kubernetes
- Integrate security controls into development and deployment pipelines
- Implement and maintain automated security testing solutions, including SAST, DAST, dependency scanning, and secrets detection
- Automate configuration management and deployment processes using Ansible or similar tools
- Support cloud-native application deployments and infrastructure modernization efforts
- Collaborate with software developers, cloud engineers, cybersecurity teams, and system administrators
- Support vulnerability remediation and security hardening initiatives
- Monitor pipeline performance, reliability, and security posture
- Maintain technical documentation, architecture diagrams, and operational procedures
- Support compliance efforts aligned with federal cybersecurity requirements and industry best practices
RequirementsRequired Qualifications- Bachelor's degree in Information Technology, Computer Science, Engineering, Cybersecurity, or related field (or equivalent experience)
- 5+ years of experience in DevOps, DevSecOps, Cloud Engineering, Site Reliability Engineering (SRE), or related disciplines
- Experience developing and maintaining CI/CD pipelines using GitHub Actions, GitLab CI/CD, Azure DevOps, Jenkins, or similar platforms
- Experience with Infrastructure as Code technologies such as Terraform or OpenTofu
- Experience with Docker and Kubernetes
- Experience implementing automated security testing within CI/CD pipelines
- Experience with source code management platforms such as GitHub or GitLab
- Experience with cloud environments including AWS and/or Microsoft Azure
- Experience automating deployments and configuration management
- Understanding of secure software development practices
- Ability to obtain and maintain a Public Trust clearance
Preferred Qualifications- Experience implementing SAST, DAST, Software Composition Analysis (SCA), secrets scanning, and policy-as-code solutions
- Experience with Ansible or similar automation platforms
- Experience supporting federal government environments
- Knowledge of NIST 800-53, FISMA, RMF, and Zero Trust principles
- Experience supporting container security and Kubernetes security controls
- Familiarity with CIS Benchmarks and cloud security best practices
- Relevant certifications such as AWS, Azure, Kubernetes (CKA/CKAD), Security+, CISSP, Terraform Associate, or similar
Clearance- Public Trust (Tier 2) clearance
LocationHybrid work environment with occasional onsite support as required.
