POSITION TITLE: DevSecOps Engineer (Intermediate)
CLEARANCE REQUIREMENT: Must be eligible to obtain a Public Trust Tier 2 clearance or hold an active DoD security clearance
POSITION OVERVIEW: IMRI is seeking a motivated and technically proficient DevSecOps Engineer to support a hybrid cloud environment within a federal program. This role focuses on advancing secure infrastructure automation, enhancing CI/CD pipelines, and integrating security throughout the software delivery lifecycle. The ideal candidate will build upon an established DevSecOps framework (leveraging existing tools, standards, and processes) to improve automation, strengthen security posture, and support scalable, resilient application and infrastructure delivery.
KEY RESPONSIBILITIES:
Infrastructure Automation (IaC)
- Maintain and enhance infrastructure as code using Terraform and OpenTofu
- Develop modular, reusable configurations aligned with existing engineering standards
- Manage state files, remote backends, and workspace configurations
- Refactor legacy infrastructure code to improve performance, scalability, and maintainability
- Execute infrastructure changes through approved change management processes
Configuration Management (CaC)
- Develop and maintain Ansible playbooks and roles to automate system configuration and deployment
- Support patch management, compliance enforcement, and infrastructure consistency across environments
- Adhere to established role structures, variable conventions, and inventory management practices
CI/CD Pipeline Engineering
- Build, maintain, and enhance GitHub Actions workflows for automated build, test, and deployment processes
- Integrate security controls within pipelines, including:
  - Static application security testing (SAST)
  - Dependency and vulnerability scanning
  - Secrets detection
  - Policy-as-code validation
- Ensure all pipeline changes follow peer review, version control, and approval workflows
Containerization & Orchestration
- Support containerized application environments using Docker and Kubernetes
- Develop and maintain Dockerfiles aligned with secure image build practices
- Manage Kubernetes manifests and Helm charts to support application deployment and orchestration
- Assist with cluster operations, including performance monitoring and troubleshooting
- Ensure container images are scanned for vulnerabilities prior to deployment
Security Integration & Compliance
- Integrate security practices across the development lifecycle (Shift-Left security)
- Implement and support security scanning tools, including SAST, secrets scanning, and infrastructure security validation
- Enforce infrastructure and container hardening standards aligned with CIS benchmarks and federal security baselines
- Support compliance activities aligned with NIST SP 800-53, FISMA, and related frameworks
- Produce audit-ready documentation to support assessments and compliance reviews
Collaboration & Engineering Practices
- Work closely with cross-functional engineering teams in an Agile/Scrum environment, participating in stand-ups, sprint planning, and technical reviews
- Follow established version control, peer review, and change management workflows
- Ensure all updates to production systems are properly reviewed and approved through formal processes
- Maintain clear and accurate documentation of changes to shared codebases, pipelines, and infrastructure
Key Deliverables
- Infrastructure as Code modules and documentation
- Ansible playbooks, roles, and execution logs
- GitHub Actions workflow configurations and pipeline documentation
- Dockerfiles, Kubernetes manifests, and Helm charts
- Security scanning configurations and compliance documentation
- Change logs and technical documentation supporting audit readiness
REQUIRED QUALIFICATIONS:
- Hands-on experience with Terraform and/or OpenTofu, including module development and state management
- Proficiency with Ansible, including playbooks, roles, and automation workflows
- Experience designing and maintaining CI/CD pipelines using GitHub Actions
- Working knowledge of Docker and Kubernetes for containerized environments
- Familiarity with security tools and practices, including:
  - SAST tools (e.g., Semgrep, Checkov, tfsec or similar)
  - Secrets detection tools (e.g., Gitleaks, Detect-Secrets)
  - Policy-as-code frameworks (e.g., OPA/Rego)
- Proficiency with Git-based version control, including branching, pull requests, and protected branch workflows
- Experience working within structured change management and documentation processes
PREFERRED QUALIFICATIONS:
- Experience supporting federal or highly regulated environments
- Familiarity with NIST SP 800-53, FISMA, and FedRAMP compliance requirements
- Experience working within AWS cloud environments
- Familiarity with secrets management solutions such as HashiCorp Vault
- Scripting experience in Python and/or Bash
IMRI offers top-tier benefits that include: medical coverage through nationally recognized carriers, ancillary coverages, paid vacation and sick leave in compliance with all state and local laws, 401(k) with company match, company paid life insurance and LTD, and several additional voluntary coverages.
Pay will be commensurate with the experience, skills, and qualifications that the candidate brings to the position.