Cloud DevSecOps Engineer Sr - TS/SCI Clearance Required to start

Lockheed Martin•King of Prussia, PA

5d•Onsite

About The Position

Space is a critical domain, connecting our technologies, our security and our humanity. While others view space as a destination, we see it as a realm of possibilities, where we can do more — we can innovate, invest, inspire and integrate our capabilities to transform the future. At Lockheed Martin Space, we aim to harness the full potential of space to cultivate innovation, reduce costs, and push the boundaries of what technology can achieve. We’re creating future-ready solutions, focusing on resiliency and urgency through our 21st Century Security® vision. We’re erasing boundaries and forming partnerships across industries and around the world. We’re advancing spacecraft and the workforce to fuel the next generation. And we’re reimagining how space can connect us, ensuring security and prosperity. Within the Victor Portfolio of Space Security, we are seeking a highly skilled and motivated DevSecOps Engineer with a strong emphasis on security to join our dynamic team. In this role, you will be responsible for integrating security practices into every phase of our software development lifecycle, working closely with development, operations, and security teams. You will help design, implement, and maintain secure DevOps pipelines and ensure robust security measures are incorporated into the system infrastructure, applications, and cloud environments. The qualified candidate will leverage the latest DevSecOps tools and methodologies to identify and resolve security vulnerabilities early in the development process, and proactively manage potential security risks. The successful candidate will have a commendable work ethic, excellent communication skills, be a results oriented team player and problem-solver. This position is contingent upon the program award expected in early 2026.

Requirements

Active TS/SCI clearance
DoD 8140 (formally DoD 8570 IAT II) certification (at a minimum)
Experience implementing NIST Risk Management Framework (RMF) and NIST SP 800-53 controls
Experience with Security Technical implementation Guide (STIG) and security requirement implementation
Experience working with SIEM technologies (e.g. Splunk, Kibana) and vulnerability/compliance scanning tools (e.g. ACAS, SCAP)
Experience coordinating with Security Controls Assessor (SCAs) and customer security authorities

Nice To Haves

Experience implementing the JSIG, ICD 503, etc.
Knowledgeable in cloud technologies, containers, and orchestration tools like Kubernetes
Knowledgeable in automation tools like Ansible
Continuous learner - stays updated with the latest security threats, technologies, and cybersecurity trends

Responsibilities

Security Integration: Collaborate with DevOps and development teams to integrate security tools and practices into CI/CD pipelines. Embed security scanning, testing, and validation throughout the entire software development lifecycle.
Vulnerability Management: Proactively identify, assess, and mitigate security vulnerabilities and risks in infrastructure, applications, and code. Implement automated security testing (SAST/DAST) and vulnerability management processes.
Compliance & Best Practices: Ensure compliance with relevant security regulations (e.g., GDPR, SOC 2, HIPAA) and industry standards. Advocate for security best practices and provide guidance to the development and operations teams.
Incident Response: Work with security teams to develop incident response plans, conduct post-mortem analyses, and implement preventive measures to mitigate potential threats.
Monitoring & Reporting: Set up continuous monitoring systems to detect suspicious activities or breaches. Provide actionable insights and regular reports on security posture, vulnerabilities, and incident resolutions.