DevSecOps Compliance Engineer

Bigbear.ai-posted about 12 hours ago
Full-time • Mid Level
Onsite • Columbia, MD
501-1,000 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

BigBear.ai is seeking a DevSecOps Compliance Engineer to serve as the bridge between development operations and security compliance, responsible for implementing and maintaining an automated compliance platform within customer DevSecOps pipelines. This role ensures seamless integration of AI-driven compliance automation into existing software development lifecycles while maintaining continuous compliance monitoring and documentation generation capabilities. This position will be based out of our Columbia, MD office but will support multiple customers in the Baltimore/Washington corridor and beyond.

  • Integrate ATO Automation platform with customer CI/CD pipelines, source control systems (GitHub, GitLab), and DevOps toolchains
  • Configure and maintain automated security control validation workflows using ATO Automation platform's real-time code analysis capabilities
  • Implement continuous compliance monitoring by connecting ATO Automation platform to cloud service provider APIs (AWS, Azure) and infrastructure-as-code repositories
  • Automate System Security Plan (SSP) generation and maintain synchronization between system configurations and compliance documentation
  • Establish security gates within CI/CD pipelines that leverage ATO Automation platform’s automated control assessment capabilities
  • Collaborate with development teams to remediate compliance gaps identified through automated scanning
  • Configure integrations with security tools including SAST/DAST solutions (Fortify, SonarQube), container security platforms (Aqua, Twistlock), and vulnerability scanners (Tenable, Qualys)
  • Deploy ATO Automation platform connectors to GitLab or GitHub Enterprise repositories to enable real-time code analysis for NIST 800-53 control validation
  • Configure automated SSP generation workflows that parse infrastructure-as-code templates (Terraform, CloudFormation) and map security controls
  • Implement webhook integrations between ATO Automation platform and Jenkins pipelines to trigger compliance assessments on code commits
  • Create custom compliance dashboards that display real-time control implementation status across multiple frameworks (FedRAMP, CMMC, DoD SRG)
  • Develop automated remediation workflows that create JIRA tickets when ATO Automation platform detects compliance drift
  • Active TS/SCI with Poly
  • Strong experience with CI/CD platforms (Jenkins, GitLab CI, Azure DevOps, CircleCI)
  • Proficiency in Infrastructure as Code tools (Terraform, CloudFormation, ARM templates)
  • Deep understanding of NIST 800-53 Rev 5 security controls and FedRAMP compliance requirements
  • Experience with containerization and orchestration platforms (Docker, Kubernetes, OpenShift)
  • Knowledge of secure coding practices and application security testing methodologies
  • Proficiency in scripting languages (Python, Bash, PowerShell) for automation
  • Experience integrating security scanning tools into automated pipelines
  • Understanding of Git-based version control and branching strategies
  • Familiarity with OSCAL (Open Security Controls Assessment Language) standards
  • Experience with LLM-based automation platforms and Retrieval-Augmented Generation (RAG) architectures
  • Prior implementation of compliance automation tools in federal environments
  • Hands-on experience with AWS GovCloud or Azure Government cloud platforms
  • Knowledge of CMMC 2.0 requirements and DoD Security Requirements Guide
  • Certifications: Certified DevSecOps Professional, AWS Security Specialty, Azure Security Engineer
  • Experience with SIEM platforms (Splunk, QRadar) and log aggregation
  • Understanding of zero-trust architecture principles
  • Familiarity with continuous monitoring (ConMon) requirements for federal systems
Track Jobs with Teal

Job Search Resources

AI Resume Builder
DevSecOps Engineer Resume Examples
DevSecOps Engineer Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service