AWS DevSecOps Engineer

About The Position

Requirements

• Bachelor's degree in Information Technology, Computer Science, Data Science, Engineering, Mathematics, or a related technical discipline.
• 5+ years of professional, hands-on experience in a DevOps or DevSecOps engineering role, including responsibility for production or pre-production environments.
• 5+ years of hands-on experience with AWS services, including core services such as Lambda, IAM, EC2, Elastic Load Balancing, CloudWatch, and CloudTrail.
• Experience designing, deploying, and operating containerized applications using Docker or OCI-compliant images, including image build, hardening, and use of private container registries such as Amazon ECR.
• Hands-on experience with Kubernetes in production, preferably with Amazon EKS, including Kubernetes RBAC, namespaces, ingress controllers, ConfigMaps, Secrets, and workload deployment strategies.
• Demonstrated experience building and maintaining CI/CD pipelines that automate build, test, and deployment workflows for containerized services.
• Experience implementing DevSecOps practices, including integration of security scanning tools into CI/CD pipelines such as SAST, SCA, container image vulnerability scanning, and secret detection.
• Practical experience with infrastructure as code using Terraform and/or AWS CloudFormation, including management of reusable modules or stacks.
• Familiarity with deploying and operating ML or data processing applications in AWS, for example inference services or data pipelines running on EKS, ECS, or related AWS services.
• Experience with at least one scripting or programming language such as Python, Bash, or PowerShell for automation, tooling, and integration tasks.
• Understanding of information security and compliance concepts relevant to federal environments, such as NIST SP 800-53, FedRAMP, DoD RMF, or CMMC, and how they influence technical design and configuration decisions.
• At least one current AWS certification required, such as AWS Certified Solutions Architect, AWS Certified SysOps Administrator, AWS Certified DevOps Engineer, or AWS Certified Security.
• Ability to work effectively remotely in cross-functional teams.
• Ability to meet deadlines and produce quality work.
• Proficient in Microsoft Suite software including Outlook, Word, Excel, SharePoint, and PowerPoint.

Nice To Haves

• Active DoD Secret Clearance preferred.
• Additional AWS and/or Microsoft Azure certification(s).
• Experience in cloud infrastructure development in AWS GovCloud and commercial AWS regions, with exposure to DoD or other regulated federal environments.
• Working knowledge of Agile Scrum methodology with JIRA and Confluence experience or similar tools.
• Experience with Terraform at scale, including module design and remote state management, and experience with Docker for container build and runtime.
• Experience with Kubernetes ecosystem tooling such as Helm, Argo CD, or Flux and familiarity with GitOps patterns for environment and application management.
• Experience with relational databases and non-relational databases such as MongoDB or DynamoDB.
• Experience with CI/CD automation, including environment promotion workflows, blue green or canary deployments, and rollback strategies.
• Demonstrated ability to mentor junior engineers or developers and to contribute to shared standards and best practices.
• Experience with unit testing and integration testing practices in the context of infrastructure and deployment automation.
• Experience developing or integrating code within government hosted or secure cloud environments, including environments that handle CUI or similar data classifications.

Responsibilities

• Design, implement, and operate secure AWS cloud environments, including GovCloud-based architectures, that support containerized applications and ML-enabled services.
• Build, configure, and maintain Amazon EKS clusters, including worker node groups, cluster networking, ingress, autoscaling, and lifecycle management for multiple environments such as development, staging, and production.
• Develop, maintain, and harden CI/CD pipelines that automate build, test, security scanning, and deployment for containerized applications using tools such as GitLab CI, GitHub Actions, Jenkins, or AWS CodePipeline and CodeBuild.
• Implement DevSecOps practices by integrating SAST, SCA, container image scanning, and other security tooling into the CI/CD process to enforce secure coding and secure configuration baselines.
• Define and manage infrastructure as code using Terraform and/or AWS CloudFormation templates for foundational services, EKS clusters, networking, and security controls.
• Support deployment and lifecycle management of ML and data-centric applications on AWS, including containerized ML inference services on EKS or similar architectures, with appropriate security and observability.
• Utilize AWS security and governance services such as AWS Identity and Access Management (IAM), AWS Key Management Service (KMS), AWS Security Hub, AWS Config, AWS CloudTrail, Amazon GuardDuty, and Amazon Inspector to enforce and monitor security posture.
• Inform design and implementation decisions by applying knowledge of secure cloud and DevSecOps architectures, NIST 800-53 aligned controls, and best practices for handling CUI and other sensitive data in AWS.
• Collaborate with software engineers, data engineers, ML engineers, and system administrators to deliver integrated solutions that combine application development, infrastructure, and security.
• Contribute to the development of reusable patterns, reference architectures, and documentation for DevSecOps workflows, including environment build-out, deployment procedures, and operational runbooks.
• Ensure security, privacy, and compliance of solutions by following federal cloud security best practices, AWS well-architected principles, and internal Pantheon Data standards.
• Work within a growing engineering team to support software and systems solutions across customers and projects in both federal and commercial environments.
• Participate in troubleshooting, performance tuning, and incident response activities related to AWS infrastructure, EKS clusters, and CI/CD toolchains.
• Communicate progress, risks, and technical issues clearly and succinctly in written and oral form to project managers, technical leads, and customer stakeholders.

Benefits

• Pantheon Data is committed to providing its employees with competitive salaries and benefits in order to increase employee satisfaction and productivity.
• In addition to our benefits, we also offer SmartBenefits through the Washington Metro Area Transportation Authority, where you specify an amount of your pre-tax wages be paid directly to your SmarTrip account.
• In some cases, tuition assistance may be available for continuing education expenses and certifications related to their position.
• Additional details may be found at https://pantheon-data.com/careers/