DevSecOps Engineer – Mid-Level

Nationwide IT Services
DC, DC
Remote

About The Position

Nationwide IT Services is seeking a Mid-Level DevSecOps Engineer to support secure infrastructure automation and software delivery for a federal customer. The engineer will extend the customer’s existing DevSecOps environment using approved tools and established standards, with a focus on infrastructure as code, configuration automation, CI/CD security, container delivery, and security control alignment. This role requires hands-on experience with Terraform/OpenTofu, Ansible, GitHub Actions, Docker, Kubernetes, Helm, and DevSecOps security tooling. The selected candidate will inherit existing customer standards and will not introduce new tools without approval.

Requirements

  • Mid-level hands-on experience with Terraform and/or OpenTofu.
  • Experience building and maintaining Ansible playbooks and roles.
  • Experience with GitHub Actions CI/CD pipelines.
  • Familiarity with embedded security gates, including SAST tools such as Semgrep, IaC scanning tools such as Checkov or tfsec, secrets scanning tools such as Gitleaks, and policy-as-code using OPA/Rego.
  • Experience with Docker image hardening.
  • Experience with Kubernetes manifests and Helm.
  • Experience with container image scanning tools such as Trivy or Grype.
  • Knowledge of CIS benchmarks and NIST security controls.
  • Bachelor’s degree in Information Technology, Computer Science, or equivalent experience.

Nice To Haves

  • Federal government or FedRAMP experience.
  • AWS experience.
  • HashiCorp Vault experience.
  • Python and/or Bash scripting experience.

Responsibilities

  • Develop and maintain infrastructure as code using Terraform and OpenTofu.
  • Support modular IaC configurations, remote state management, and change-controlled deployments.
  • Build and maintain Ansible playbooks and roles, including secure secrets handling with Ansible Vault.
  • Implement and support GitHub Actions CI/CD pipelines with embedded security gates.
  • Integrate SAST, IaC scanning, secrets scanning, and policy-as-code checks into delivery pipelines.
  • Harden Docker images and support Kubernetes manifests and Helm charts.
  • Perform container image scanning and remediation using tools such as Trivy or Grype.
  • Align security implementation with CIS benchmarks and NIST SP 800-53, 800-171, and 800-207 control families.
  • Support secure automation practices across infrastructure, application delivery, and container environments.
  • Work within existing customer-approved standards, processes, and tools.