DevOps Integration Lead (Alexandria, VA or Seaside, CA)
About The Position
The DevOps Integration Lead serves as the primary technical and compliance integrator responsible for embedding RMF-aligned security controls, automated compliance checks, and continuous monitoring capabilities into CI/CD pipelines. This role drives the transition from traditional ATO processes to continuous ATO (cATO) by designing automated workflows, implementing real-time security validation, and ensuring DevSecOps teams operate in full alignment with DoD cybersecurity requirements. The position is critical to advancing automation maturity, strengthening security posture, and enabling rapid, compliant delivery across development and deployment environments.
Requirements
- Must have an active Secret Clearance to be considered
- Must be within 1 hour of Alexandria, VA or Seaside, CA
- Experience integrating security controls and RMF requirements into DevSecOps pipelines.
- Strong understanding of DoD RMF, NIST SP 800‑53 Rev. 4/5, DoDI 8500.01, and continuous monitoring practices.
- Hands-on experience with CI/CD tools (e.g., GitLab CI, Jenkins, GitHub Actions, Azure DevOps).
- Experience with automated security scanning tools (SAST, DAST, SCA, container scanning, IaC scanning).
- Familiarity with SIEM, vulnerability management platforms, and continuous monitoring technologies.
- Bachelor’s degree in Cybersecurity, IT, Computer Science, or related field.
- Ability to collaborate with ISSMs, ISSOs, system owners, and engineering teams.
- Strong documentation, communication, and stakeholder engagement skills.
- Must be able to pass background screening prior to employment.
- US Citizenship, legal permanent residence, or US work authorization with a minimum of 3 years of US presence is required due to federal contract requirement.
Nice To Haves
- Experience supporting or implementing continuous ATO (cATO) frameworks.
- Knowledge of cloud security (AWS, Azure, DoD Cloud environments).
- Experience with infrastructure-as-code (Terraform, Ansible, CloudFormation).
- Security certifications such as CISSP, CCSP, Security+, or equivalent DoD 8570/8140 certifications.
- Ability to obtain TS/SCI preferred.
Responsibilities
- Integrates CI/CD pipelines into RMF processes, enabling automated compliance validation, implementation of security controls, and real-time security scans for continuous ATO.
- Critical for supporting automation and security integration under RMF compliance workflows.
- Leads the integration of RMF compliance into DevSecOps pipelines to support automated compliance validations and facilitate cATO workflows.
- Designs CI/CD workflows that include automated security scans, continuous monitoring activities, and vulnerability remediations integrated into development cycles.
- Aligns DevSecOps team efforts with RMF compliance objectives, embedding security controls into testing and deployment pipelines.
- Develops playbooks or processes for transitioning from traditional ATO to cATO, helping teams operationalize real-time compliance checks.
- Proposes tools and techniques to enhance automation maturity for security controls, risk assessments, and compliance validation.
- Other duties as assigned.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
11-50 employees
