METRON

DevSecOps Engineer

METRON$100K — $130K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 5+ years in DevOps, DevSecOps, platform engineering, or a related field
  • Hands-on with Azure DevOps pipelines and YAML
  • Experience implementing security and compliance controls in CI/CD workflows
  • Familiarity with SAST, SCA, dependency scanning, and related security tools
  • Kubernetes, K3s, and container deployment experience
  • Scripting skills in PowerShell, Bash, Python, or similar languages
  • Strong technical documentation writing skills
  • Eligible to obtain a U.S. security clearance

Responsibilities

  • Design and implement secure CI/CD patterns in Azure DevOps
  • Support secure workflows in development, test, and production environments
  • Troubleshoot pipeline and release issues effectively
  • Integrate security checks into CI/CD workflows
  • Partner with cybersecurity for governance alignment
  • Collaborate on Kubernetes/K3s deployment security standards
  • Develop documentation and runbooks for secure workflows

Benefits

  • Medical, Dental and Vision Insurance
  • Flexible Spending and Health Savings Account options
  • Paid Time Off and holidays
  • Paid Parental Leave
  • Tuition and Professional Development Reimbursement
  • 401(k) with Traditional and Roth options
  • Gym and Fitness Reimbursement
Full Job Description
Job Description:

Our Reston, VA office is seeking a DevSecOps Engineer to help secure and improve software delivery across the enterprise. This role focuses on embedding security, quality, compliance, and software supply-chain controls into CI/CD workflows while partnering with software development, cybersecurity, platform engineering, systems engineering, and program teams.

This is an engineering role, not a pure governance or vulnerability-management position. The DevSecOps Engineer will work across Azure DevOps Server, Nexus, SonarQube, Kubernetes/K3s deployment workflows, artifact controls, and secure release patterns to help teams deliver software securely and reliably.

Occasional after-hours/weekend maintenance and emergency response may be required.

Key Responsibilities:

Secure CI/CD & Release Workflows
  • Design, implement, and improve secure CI/CD patterns in Azure DevOps, including reusable YAML templates, quality gates, artifact controls, and release safeguards
  • Support secure release workflows across development, test, integration, staging, and production environments
  • Troubleshoot pipeline failures, permissions issues, dependency problems, scan failures, and release blockers

Software Supply Chain & Security Controls
  • Integrate security and quality checks into build and release workflows, including SAST, SCA, dependency scanning, secrets scanning, code-quality gates, container scanning, and artifact validation
  • Support tools such as Nexus, SonarQube, Azure DevOps artifacts, and related code-quality or artifact-management platforms
  • Partner with cybersecurity to align CI/CD controls with SSP, RMF, NIST, CMMC, STIG, Zero Trust, audit, and program requirements

Kubernetes Guardrails & Developer Enablement
  • Partner with platform engineering on secure Kubernetes/K3s deployment standards, including namespaces, RBAC, ServiceAccounts, Helm, ingress, TLS, storage, quotas, and workload security
  • Create documentation, examples, runbooks, and onboarding materials for secure pipeline and deployment workflows
  • Track recurring developer pain points, pipeline health, scan outcomes, release blockers, and control gaps; turn findings into automation, templates, documentation, or improved guardrails

Required Qualifications:
  • 5+ years of experience in DevOps, DevSecOps, platform engineering, software delivery, systems engineering, or a closely related technical role
  • Hands-on experience with Azure DevOps pipelines, YAML, build/release workflows, repositories, artifacts, permissions, or agent-based builds
  • Experience implementing security, quality, or compliance controls in CI/CD workflows
  • Experience with secure software delivery practices such as SAST, SCA, dependency scanning, secrets handling, code-quality gates, artifact controls, or container scanning
  • Experience troubleshooting CI/CD failures, build issues, deployment problems, permissions issues, or dependency-related errors
  • Experience with Kubernetes, K3s, containers, Helm, or similar deployment technologies
  • Experience with scripting or automation using PowerShell, Bash, Python, or similar languages
  • Ability to write clear technical documentation, runbooks, onboarding guides, and troubleshooting procedures
  • Eligible to obtain and maintain a U.S. security clearance
  • Willing and able to work in regulated, secure, or compliance-bounded environments

Preferred Qualifications:
  • Active U.S. security clearance
  • Experience with Azure DevOps Server
  • Experience integrating or administering Nexus, SonarQube, or similar artifact and code-quality platforms
  • Experience with SBOM generation, SCA, container scanning, artifact signing, provenance, or software supply-chain security
  • Experience with policy-as-code, OPA/Gatekeeper, Kubernetes admission controls, or secure workload policies
  • Experience with Infrastructure-as-Code or Configuration-as-Code practices using Terraform, Ansible, Bicep, CloudFormation, or similar tools
  • Experience with Prometheus, Grafana, Loki, or similar observability platforms
  • Experience in defense contracting, government programs, CMMC, NIST 800-171, RMF, STIGs, or other compliance-driven environments

Position Location: Reston, VA (the selected individual will be expected to work onsite in the Reston, VA office)
Perks and Benefits
  • Medical, Dental and Vision Insurance
  • Accompanying FSA and HSA options
  • Additional Voluntary Benefits
  • Paid Time Off
  • 9 Observed Holidays and 2 Floating Holidays
  • Paid Parental Leave
  • Military Leave
  • Tuition Reimbursement
  • Professional Development Reimbursement
  • Annual Salary Reviews
  • Profit Sharing
  • 401(k) Traditional and Roth Options
  • Gym and Fitness Reimbursement
  • Employee Assistance Program
  • Employee Referral Program


About METRON

Metron delivers innovative solutions to challenging problems. For over 40 years, our dedication to technical rigor and a first-principles approach to problem-solving has consistently yielded creative solutions at the intersection of advanced mathematics, computer science, physics, and engineering. Metron is an employee-owned company dedicated to delivering innovative solutions for the most challenging problems. Metronites are leaders in their technical fields who have made the commitment to solve real-world problems. Our employees excel in applied mathematics, statistical inference, signal processing, autonomy, and software development. Equally important, they are inquisitive problem solvers who enjoy working in small teams to craft novel solutions to thorny problems.
Learn more about METRON
Size
50 employees
Industry

Similar Jobs

More Jobs at METRON

More Information Technology Jobs

Find similar DevSecOps Engineer jobs: