Position OverviewThe DevSecOps Engineer - Junior supports the development and operation of secure DevSecOps pipelines in an enterprise continuous integration and delivery environment. This role assists with integrating security practices throughout the software development lifecycle while maintaining automation pipelines that improve build, test, and deployment reliability. The position works collaboratively with development, security, and operations teams to enhance secure software delivery processes and maintain documentation for pipelines, tooling, and procedures.
Key Responsibilities- Assist in designing, building, and maintaining CI/CD pipelines using tools such as Jenkins, GitLab CI, or GitHub Actions.
- Integrate security scanning tools (e.g., SAST, DAST, dependency scanning) into pipelines to detect vulnerabilities early in the lifecycle.
- Support Infrastructure-as-Code practices and automated environment provisioning to enable consistent and repeatable development, test, and production environments.
- Implement automated testing and quality gates in pipelines to enforce code security, reliability, and compliance standards.
- Manage source code repositories, branching strategies, and artifact versioning to ensure traceability and controlled releases.
- Monitor pipeline performance, troubleshoot build and deployment issues, and support deployment strategies such as blue-green and canary releases.
- Document DevSecOps processes, pipeline configurations, and operational procedures, and contribute to continuous improvement initiatives using metrics and feedback.
- Collaborate with development, security, and operations teams to optimize secure software delivery practices and maintain alignment with enterprise standards.
Required Qualifications- Bachelor's degree (or equivalent experience) in IT, Cybersecurity, Computer Science, Information Systems, Data Science, Software Engineering, or a related field.
- Typically 1-3 years of experience in DevSecOps, CI/CD, or software engineering environments.
- Foundational experience building or maintaining CI/CD pipelines and integrating automated build, test, and deployment processes.
- Familiarity with Infrastructure-as-Code concepts and tools and basic scripting for automation.
- Understanding of secure development practices and security scanning approaches within automated pipelines.
- Must meet DoD 8140 requirements and hold an active Secret clearance.
- U.S. citizenship required.
Preferred Qualifications- Familiarity with container platforms such as Docker and Kubernetes in support of modern deployment patterns.
- Exposure to security frameworks and compliance standards relevant to enterprise or government environments.
- Experience with scripting languages such as Python or Bash to automate pipeline and administrative tasks.
- Experience supporting deployment strategies such as blue-green, canary, or rolling deployments.
Compensation RangesCompensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.
DisclaimerThe preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.