DevSecOps Engineer I

About The Position

Requirements

• Bachelor’s degree in information technology, Cybersecurity, or related field.
• Experience supporting USDA, NRCS, or other federal geospatial programs.
• 1–3 years of experience in DevOps, DevSecOps, IT operations, or release management support roles.
• Experience supporting the full SDLC and release management lifecycle (non-development focus).
• Experience using SonarQube or equivalent static analysis tools to review and resolve audit findings and enforce coding and security standards.
• Experience with CI/CD pipelines (e.g., Jenkins, GitLab CI, Azure DevOps) from an operational or governance perspective.
• Experience with Ticketing systems (e.g., Jira) and version control systems (e.g., Git) for release tracking.
• Proficiency in Security frameworks (e.g., NIST, OWASP), Change management and ITIL processes.
• Experience in creating and maintaining documentation, SOPs, and audit artifacts.
• Attention to detail with a focus on compliance, traceability, and audit readiness.
• Must be able to obtain a Public Trust Security Clearance.

Nice To Haves

• Familiarity with cloud environments (e.g., AWS) from an operational perspective and containerized environments (e.g., Docker, Kubernetes) at a high level.
• Knowledge of Section 508 accessibility compliance.
• Experience supporting security audits, ATO processes, or compliance reviews.

Responsibilities

• Support planning, coordination, and execution of secure, controlled, and auditable releases.
• Ensure all releases meet quality, security, and operational acceptance criteria before deployment.
• Maintain and validate release artifacts, including checklists, test evidence, security results, and rollback plans.
• Write, track, and manage security, compliance, and operational tickets in alignment with SLAs.
• Coordinate and track vulnerability remediation and support security assessment activities.
• Maintain audit-ready documentation and evidence for all activities, ensuring traceability across tickets, changes, and releases.
• Develop and manage SOPs, runbooks, and operational documentation in approved repositories.
• Enforce change management and governance processes, ensuring proper authorization for all work.
• Support work intake, backlog normalization, and ticket lifecycle management in tools such as Jira.
• Track metrics, risks, and issues, including maintaining risk logs and reporting status to stakeholders.
• Support SDLC governance and DevSecOps practices, including CI/CD pipeline compliance and process improvement.
• Assist with operations and maintenance activities, including defect triage, patch coordination, and Tier 3 support documentation.

Benefits

• paid vacation
• medical
• dental
• vision
• matching 401K plan
• tuition/training reimbursement
• Long & Short-Term Disability