What You'll Be BuildingYou'll help design and implement a modern security automation platform, including:
- Compliance-as-Code (STIG, CIS, ISO 27001 controls enforced programmatically)
- Immutable, hardened Linux images built through container workflows
- CI/CD pipelines with embedded security gates (GitLab)
- Automated vulnerability management pipelines (scan → triage → remediate → verify)
- Infrastructure-as-Code for security tooling and scanning platforms
This isn't maintenance work-this is
greenfield engineering.
Why This Work MattersYour code will secure
CT-based screening systems deployed globally across:
- Airports
- Border control
- Critical infrastructure
These systems operate in
regulated, high-security environments where failures have real-world consequences.
You're not just building pipelines-you're
protecting national infrastructure at scale.
What You'll Do- Build and maintain Ansible-based hardening frameworks (DISA STIG, OpenSCAP)
- Engineer secure CI/CD pipelines with enforced security gates
- Create container-based OS images that pass compliance pre-deployment
- Develop Terraform-managed security infrastructure (Tenable, OpenSearch, Grafana)
- Automate vulnerability remediation pipelines
- Replace manual audit prep with continuous compliance and auto-generated evidence
- Map technical controls directly to ISO 27001 requirements
Tech You'll Work With- Ansible, Terraform, GitLab CI/CD
- Linux (RHEL/CentOS ecosystem)
- Containers (Docker/Podman, image pipelines)
- Vulnerability scanning (Tenable/Nessus/OpenVAS)
- OpenSCAP, STIG, CIS benchmarks
- OpenSearch / Grafana
What We're Looking For- Experience in DevOps, SRE, or security engineering
- Strong automation mindset-you eliminate manual processes
- Hands-on with infrastructure-as-code and CI/CD pipelines
- Comfortable working in Linux-heavy, production environments
- Experience (or strong interest) in security automation and compliance engineering
What Makes This Different- Greenfield opportunity - build systems from scratch, not maintain legacy
- Engineering-first security - automation over documentation
- Real-world impact - security that protects global infrastructure
- Cross-functional influence - partner with engineering, cybersecurity, and platform teams
- Modern stack - CI/CD, containers, IaC, and compliance automation
Bottom LineIf you're a DevOps or SRE engineer who moved into security-or a security engineer who writes real code-this is an opportunity to build something
modern, meaningful, and scalable.
