DevSecOps Engineer, Staff

About The Position

Requirements

• 3-5 years experience in classified or air-gapped environments and with cross-domain ordisconnected DevSecOps workflows.
• Hands-on experience with: DoD Enterprise DevSecOps platforms (e.g., Platform One, Iron Bank, relevant containers registries) Secrets management tools (e.g., HashiCorp Vault, AWS Secrets Manager, Key Management Systems) Cloud platforms (AWS, Azure, GCP) and hybrid/multi-cloud environments in a government context (e.g., IL4/IL5, GovCloud).
• Relevant certifications, such as: Security+ CE, CISSP, CASP+, or other DoD 8570/8140 certifications Red Hat (RHCSA/RHCE), Linux Foundation (CKA/CKAD), or similar DevOps/Cloud certifications (e.g., AWS/Azure DevOps Engineer, CNCF).
• Experience with Agile/Scrum or SAFe in defense programs.
• Strong written and verbal communication skills, including the ability to document architectures, pipelines, and security controls clearly for technical and non-technical stakeholders.
• Ability to work collaboratively in a multi-disciplinary, multi-contractor environment.
• Demonstrated problem-solving skills and ownership mindset in highly regulated,mission-critical contexts.

Responsibilities

• Design, implement, and maintain CI/CD pipelines (e.g., GitLab CI, GitHub Actions, Jenkins, Azure DevOps) to automate build, test, security scanning, and deployment processes.
• Integrate security tools (SAST, DAST, SCA, container scanning, secret detection) into the pipeline and enforce “shift-left” security practices.
• Develop and maintain Infrastructure as Code (IaC) using tools such as Terraform, Ansible, Helm, or CloudFormation.
• Implement and manage configuration management and environment provisioning for development, test, staging, and production environments.
• Administer and harden Linux-based systems (RHEL, CentOS, Rocky, Ubuntu, or similar) in accordance with DoD security standards (e.g., STIGs, CIS Benchmarks).
• Manage system services, networking, access controls, logging, and system monitoring on Linux platforms.
• Troubleshoot performance, reliability, and security issues on Linux servers, containers, and virtual machines.
• Build and maintain containerized workloads (Docker/Podman) and orchestrated environments (Kubernetes/OpenShift or similar).
• Implement and maintain security controls in line with DoD and federal requirements (e.g., RMF, NIST SP 800-53, NIST 800-171, CMMC).
• Support Authority to Operate (ATO) activities by producing required DevSecOps and system artifacts (e.g., pipeline documentation, security test results, configuration baselines).
• Collaborate with ISSOs, security engineers, and program managers to ensure continuous compliance and vulnerability remediation.
• Implement monitoring, alerting, and logging solutions (e.g., ELK/EFK, Splunk, Prometheus/Grafana) to support security operations and incident response.
• Work within the constraints and requirements of DoD acquisition lifecycle frameworks (e.g., DoDI 5000 series, DoD 5000.02, Adaptive Acquisition Framework).
• Align DevSecOps practices with program milestones, deliveries, and documentation expectations (e.g., CDR, TRR, test events, fielding).
• Participate in technical reviews, risk assessments, and planning sessions with program stakeholders and government customers.
• Provide technical input to acquisition artifacts such as System Engineering Plans, Test Plans, and Cybersecurity Strategies.
• Partner with developers, system engineers, cybersecurity, and program management to define secure architecture patterns and deployment strategies.
• Champion DevSecOps best practices, secure coding standards, and continuous improvement across the team.
• Mentor junior engineers and contribute to internal standards, templates, and playbooks.

Benefits

• AMERICAN SYSTEMS provides for the welfare of its employees and their dependents through a comprehensive benefits program by offering healthcare benefits, paid leave, retirement plans, insurance programs, and education and training assistance.