DevOps Security Engineer ( US Citizen)

About The Position

Requirements

• 3–6 years of experience in DevOps, DevSecOps, or security engineering.
• Experience building and maintaining CI/CD pipelines (GitHub Actions, Jenkins, GitLab CI, or similar).
• Familiarity with cloud platforms such as AWS, Azure, or GCP.
• Experience with container technologies (Docker, Kubernetes).
• Understanding of secure software development lifecycle (SSDLC) practices.
• Experience integrating security tools such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), Container vulnerability scanning
• Scripting experience (Python, Bash, or similar).
• Familiarity with Infrastructure as Code tools (Ansible, Terraform, CloudFormation, etc.).
• Must be well versed in working with a diverse group of stakeholders - business analysts, solution architects, technical managers, developers, QA, customer IT
• Excellent communication (verbal and written) and interpersonal skills
• Ability to work while embedded in customers’ teams remotely
• High degree of initiative and ownership to take a task and own it from inception to completion.

Nice To Haves

• Experience implementing DevSecOps practices in enterprise software environments.
• Knowledge of container and Kubernetes security best practices.
• Experience with secrets management solutions (Vault, AWS Secrets Manager, Azure Key Vault).
• Familiarity with security frameworks such as NIST, CIS Benchmarks, OWASP Top 10
• Experience supporting government or regulated environments (FedRAMP, DoD Impact Levels, etc.).
• Security certifications such as Security+, CISSP (associate level), Certified Kubernetes Security Specialist (CKS)

Responsibilities

• Design and implement security controls within CI/CD pipelines to ensure secure software delivery.
• Integrate automated security testing tools such as SAST, DAST, SCA, and container scanning.
• Embed security checks into build and deployment processes to identify vulnerabilities early in the SDLC.
• Work with DevOps teams to secure cloud infrastructure, containers, and Kubernetes environments.
• Implement Infrastructure-as-Code security scanning and policy enforcement.
• Develop automation scripts and integrations to support security workflows.
• Maintain and enhance CI/CD platforms and pipeline security tooling.
• Integrate vulnerability management tools with development workflows.
• Partner with developers and QA teams to promote secure coding practices.
• Assist engineering teams in remediating vulnerabilities identified during testing and scanning.
• Collaborate with internal and customer security teams to implement organizational security standards.
• Support security compliance requirements such as SOC2, FedRAMP, or DoD security standards where applicable.
• Assist with security audits and vulnerability remediation tracking.
• Help maintain documentation of DevSecOps processes and controls.

Benefits

• Comprehensive Medical, Dental and Vision
• 401K with Matching
• Flexible Time Off
• Corporate Fitness Program
• A variety of voluntary benefits such as; Legal Plans, Accident and Hospital Indemnity, Pet Insurance and much more
• annual performance bonus or commission program