AWS DevSecOps Security Sr Principal

General Dynamics Information Technology

1d•$136,000 - $184,000•Remote

About The Position

The CMM AWS DevSecOps Security Sr Principal will work as part of an agile development team to build and support the modernization of enterprise-class software applications. The AWS DevSecOps Security Sr Principal will be a specialist in GitLab CI/CD and is responsible for integrating automated security controls throughout the CI/CD pipeline and SDLC, responsible for compliance validation, and secure software supply chain protections throughout the AOUSC CI/CD ecosystem. This role serves as the technical lead for secure Infrastructure as Code (IaC), policy-as-code enforcement, container security, pipeline security, software composition analysis, and continuous vulnerability management within AWS-native development environments. The role ensures all DevSecOps pipelines, infrastructure deployments, containerized workloads, and application releases align with JISF controls, Security Assessment Plan requirements, secure coding standards, and continuous ATO readiness objectives. The engineer embeds automated security validation directly into GitLab CI/CD workflows to enforce security-by-design and prevent non-compliant deployments. This role additionally supports secure Kubernetes and container orchestration, automated SAST/DAST/SCA scanning, SBOM generation, IaC scanning, runtime security monitoring, and security automation orchestration across all environments.

Requirements

Technical Training, Certification(s), or Degree required; MA/MS preferred. Experience may be considered in lieu of preferred degree as follows: HS (16+ years), AA/AS (14+ years), BA/BS (12+ years), Doctorate Degree/Ph.D. (9+ years)
8+ years DevSecOps security experience required; 10+ years of general experience in information systems preferred
5+ years AWS cloud security engineering experience
5+ years CI/CD security integration experience
Experience with IaC security and Terraform
Experience implementing SAST/DAST/SCA tooling
Experience supporting federal RMF/ATO programs
Experience integrating telemetry into SIEM platforms
Experience supporting secure Agile delivery environments
Strong analytical, documentation, communication, and cross-functional coordination skills.
AWS Certified DevOps Engineer – Professional - must possess or be able to obtain within 180 days of hire
Certified Kubernetes Security Specialist (CKS) - must possess or be able to obtain within 180 days of hire
Must be able to pass a background check to obtain a position of Public Trust
Must be a US Person

Responsibilities

Design and implement secure GitLab CI/CD pipelines with integrated SAST, DAST, SCA, IaC scanning, and secrets detection
Vulnerability management by supporting remediations of SAST/DAST/SCA findings
Implement automated policy-as-code validation using Terraform
Develop secure Infrastructure as Code standards for AWS environments
Integrate CNAPP/CSPM/CWPP tooling into CI/CD workflows
Implement container image scanning and Kubernetes runtime protection
Perform continuous vulnerability scanning across code repositories, containers, APIs, and infrastructure
Implement automated rollback and remediation workflows
Harden Kubernetes clusters, Docker environments, and runtime configurations
Develop secure secrets management integration patterns using AWS Secrets Manager and KMS
Implement IaC drift detection and compliance enforcement
Develop DevSecOps operational standards and pipeline governance procedures
Automate evidence collection from CI/CD security tools for ATO support
Configure canary deployment and secure release validation workflows
Support vulnerability remediation coordination with development teams
Maintain DevSecOps metrics dashboards and reporting
Support penetration testing remediation activities
Provide secure coding guidance aligned to OWASP standards