DevSecOps Engineer

About The Position

Requirements

• 5+ years of experience in DevOps, DevSecOps, platform engineering, software delivery, systems engineering, or a closely related technical role
• Hands-on experience with Azure DevOps pipelines, YAML, build/release workflows, repositories, artifacts, permissions, or agent-based builds
• Experience implementing security, quality, or compliance controls in CI/CD workflows
• Experience with secure software delivery practices such as SAST, SCA, dependency scanning, secrets handling, code-quality gates, artifact controls, or container scanning
• Experience troubleshooting CI/CD failures, build issues, deployment problems, permissions issues, or dependency-related errors
• Experience with Kubernetes, K3s, containers, Helm, or similar deployment technologies
• Experience with scripting or automation using PowerShell, Bash, Python, or similar languages
• Ability to write clear technical documentation, runbooks, onboarding guides, and troubleshooting procedures
• Eligible to obtain and maintain a U.S. security clearance
• Willing and able to work in regulated, secure, or compliance-bounded environments

Nice To Haves

• Active U.S. security clearance
• Experience with Azure DevOps Server
• Experience integrating or administering Nexus, SonarQube, or similar artifact and code-quality platforms
• Experience with SBOM generation, SCA, container scanning, artifact signing, provenance, or software supply-chain security
• Experience with policy-as-code, OPA/Gatekeeper, Kubernetes admission controls, or secure workload policies
• Experience with Infrastructure-as-Code or Configuration-as-Code practices using Terraform, Ansible, Bicep, CloudFormation, or similar tools
• Experience with Prometheus, Grafana, Loki, or similar observability platforms
• Experience in defense contracting, government programs, CMMC, NIST 800-171, RMF, STIGs, or other compliance-driven environments

Responsibilities

• Design, implement, and improve secure CI/CD patterns in Azure DevOps, including reusable YAML templates, quality gates, artifact controls, and release safeguards
• Support secure release workflows across development, test, integration, staging, and production environments
• Troubleshoot pipeline failures, permissions issues, dependency problems, scan failures, and release blockers
• Integrate security and quality checks into build and release workflows, including SAST, SCA, dependency scanning, secrets scanning, code-quality gates, container scanning, and artifact validation
• Support tools such as Nexus, SonarQube, Azure DevOps artifacts, and related code-quality or artifact-management platforms
• Partner with cybersecurity to align CI/CD controls with SSP, RMF, NIST, CMMC, STIG, Zero Trust, audit, and program requirements
• Partner with platform engineering on secure Kubernetes/K3s deployment standards, including namespaces, RBAC, ServiceAccounts, Helm, ingress, TLS, storage, quotas, and workload security
• Create documentation, examples, runbooks, and onboarding materials for secure pipeline and deployment workflows
• Track recurring developer pain points, pipeline health, scan outcomes, release blockers, and control gaps; turn findings into automation, templates, documentation, or improved guardrails

Benefits

• Medical, Dental and Vision Insurance
• Accompanying FSA and HSA options
• Additional Voluntary Benefits
• Paid Time Off
• 9 Observed Holidays and 2 Floating Holidays
• Paid Parental Leave
• Military Leave
• Tuition Reimbursement
• Professional Development Reimbursement
• Annual Salary Reviews
• Profit Sharing
• 401(k) Traditional and Roth Options
• Gym and Fitness Reimbursement
• Employee Assistance Program
• Employee Referral Program