Position: DevSecOps Engineer
Location: Remote / Alexandria, VA
Clearance: Preferred US Gov Secret or above clearance (not a hard requirement)
We are seeking a DevSecOps Engineer with deep expertise in the DoD DevSecOps Reference Architecture, secure CI/CD implementation, and Defense cloud environments (AWS GovCloud, Azure Government, DoD Cloud, or air-gapped environments). The ideal candidate combines hands-on engineering capability with a strong understanding of DoD cybersecurity requirements, RMF compliance, and infrastructure automation.
The Senior DevSecOps Engineer will lead efforts to integrate security practices into our development and operations processes, with a primary focus on assisting the company in obtaining and maintaining a DoD/DoW Authorization to Operate (ATO). If you're passionate about making a difference in the world and being part of groundbreaking technology in national security, this position is for you!
This position is 100% remote! We're looking for a candidate who is a U.S. citizen and resides in the contiguous United States. You'll be a W-2 employee of GeoDelphi, Inc., and we do not accept third-party applications. This role requires less than 20% travel.
Requirements
1. Secure CI/CD and Cloud Infrastructure
- Design, implement, and maintain secure CI/CD pipelines aligned with the DoD Enterprise DevSecOps Reference Design (DSOP).
- Automate deployment of secure environments using Terraform, Ansible, or CloudFormation for DoD or FedRAMP-compliant systems.
- Integrate static code analysis (SAST), dynamic testing (DAST), container scanning, and other security toolsets within pipelines to enforce continuous compliance.
2. Security Baselines & Compliance Integration
- Implement and manage DoD STIGs, DISA baselines, and RMF controls in Infrastructure as Code (IaC).
- Translate DoD security controls into automated enforcement and validation within development pipelines.
- Develop scripts and tools for compliance validation (e.g., OpenSCAP, Chef InSpec, PowerSTIG).
- Help co-develop and maintain technical documentation for RMF authorization and continuous monitoring processes.
3. Automation & Toolchain Management
- Implement and manage DevSecOps tools such as GitLab, Jenkins, ArgoCD, Harbor, Nexus, SonarQube, Anchore, etc.
- Automate container security and orchestrate deployments using Kubernetes (Big Bang, Iron Bank images, or similar).
- Manage secret storage, credential rotation, and logging using Vault, a DoD-approved KMS, or AWS Secrets Manager.
4. Collaboration and Governance
- Work closely with security, development, and operations teams to ensure alignment with DoD RMF, NIST SP 800-53, and/or FedRAMP.
- Collaborate with Information System Security Officers (ISSOs), Information Systems Security Managers (ISSMs), and Security Control Assessors for ATO package development.
- Serve as the internal primary subject matter expert in federal compliance standards and cybersecurity practices.
EXPERIENCE
- Bachelor's degree in Computer Science or a related field (or equivalent experience).
- 7+ years of hands-on experience with DevSecOps in AI/ML or data-intensive systems.
- Familiarity with OpenShift or Kubernetes security hardening.
- Knowledge of Zero Trust Architecture (ZTA) concepts.
- Proven experience managing and driving successful ATO processes.
- Expertise with DevSecOps tools, practices, and frameworks.
- Strong understanding of federal security compliance standards (e.g., NIST 800-53, RMF, FedRAMP).
- Hands-on experience with cloud environments (AWS, Azure, or GCP) and containerization (Docker, Kubernetes).
- Strong scripting and automation skills (Python, Bash, or similar).
- Excellent leadership, communication, and documentation abilities.
- Active security clearance or eligibility to obtain one.
DESIRED SKILLS
- Previous experience directly supporting government contracting or federal agencies.
- Relevant certifications such as Certified Kubernetes Administrator (CKA), AWS Certified Security or DevOps Engineer, and HashiCorp Certified Terraform Associate.
Benefits
GEODELPHI BENEFITS
- Medical, Dental, and Vision plans
- Unlimited PTO
- Federal Holiday Paid Leave
- 12 weeks of paid Parental Leave
- Employer-paid STD/LTD
- Employer-paid Life Insurance
- 401K plan and Employer Match
- Professional Development Assistance
- Equity Incentive Plan