ICF is seeking a motivated DevSecOps Engineer with 2+ years of experience to support mission-critical initiatives for our government customer. In this role, you will help secure applications and cloud-based systems by applying DevSecOps practices throughout the software development lifecycle.
Job Location: This is a fully remote role which may require occasional travel to the DC Metro area as needed for onsite client meetings.
If you accept this position, please note that ICF monitors employee work locations, blocks access from foreign locations and foreign IP addresses, and prohibits personal VPN connections.
What You Will Do- Support the build and maintenance of CI/CD pipelines for automated build, test, security scanning, and deployment activities.
- Integrate security controls into the software development lifecycle, including static code analysis, dependency scanning, and vulnerability checks.
- Assist in implementing Infrastructure as Code using Terraform, CloudFormation, or similar tools to provision and manage cloud environments in a consistent and secure manner.
- Support containerized application deployments using tools such as Docker and Kubernetes or similar platforms.
- Help monitor applications, infrastructure, and pipelines to identify issues, vulnerabilities, and performance bottlenecks.
- Collaborate with development, security, and operations teams to improve delivery reliability and security posture.
- Participate in troubleshooting build, deployment, and environment issues across development, test, and production environments.
- Support automated release processes by improving pipeline reliability, deployment quality, and environment consistency across development, integration, and production.
- Maintain documentation for pipelines, automation workflows, security checks, and deployment procedures.
- Support secure configuration management, secrets handling, and access control practices across environments.
- Contribute to the continuous improvement of DevSecOps processes, tools, and automation capabilities.
What You Will Bring- Active Top Secret clearance.
- 2+ years of experience with DevSecOps practices, including integrating security scanning and vulnerability detection into CI/CD workflows.
What We Would Like You to Bring:- Bachelor's degree in Computer Science, Information Systems, Engineering, Cybersecurity, or a related technical field preferred.
- 2+ years of experience in DevSecOps related technical roles.
- 2+ years of experience building and supporting CI/CD pipelines using tools such as Jenkins, GitHub Actions, GitLab CI, or similar platforms.
- 2+ years of experience with AWS cloud services and cloud-based deployment environments.
- Hands-on experience with Infrastructure as Code tools such as Terraform, CloudFormation, or similar.
- Experience with container technologies such as Docker and familiarity with Kubernetes, OpenShift, or similar orchestration platforms.
- Basic knowledge of secure software development practices, IAM, secrets management, and cloud security principles.
- Ability to troubleshoot pipeline, deployment, and environment-related issues in a collaborative team setting.
Preferred Qualifications- Exposure to automated security testing tools such as SAST, DAST, SCA, or container vulnerability scanners.
- Familiarity with monitoring and logging tools such as CloudWatch, ELK, Splunk, or similar platforms.
- Familiarity with Infrastructure as Code tools such as Terraform, CloudFormation, or similar technologies.
- 2+ years of experience supporting automated deployments and release processes.
- 2+ years of experience integrating security practices into CI/CD pipelines and software development workflows.
- Experience working in Agile or Scrum-based development environments.
- Understanding of compliance and security frameworks such as NIST, FISMA, FedRAMP, or similar standards.
- Relevant cloud or security certifications such as AWS Certified Cloud Practitioner, AWS Developer Associate, Security+, or similar are a plus.
- Experience with scripting or automation using Bash, Python, or similar languages.
Professional Skills- Strong communication and collaboration skills with the ability to work across development, infrastructure, and security teams.
- Detail-oriented mindset with a focus on automation, reliability, and secure delivery practices.
- Ability to manage multiple priorities and support fast-paced delivery environments.
- Willingness to learn new DevSecOps tools, cloud services, and security best practices.
- Strong analytical and problem-solving skills with the ability to identify issues and recommend practical solutions.
Pay Range - There are multiple factors that are considered in determining final pay for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position.
The pay range for this position based on full-time employment is:
$89,649.00 - $152,404.00
Nationwide Remote Office (US99)
