Senior DevSecOps Engineer

About The Position

Requirements

• Active Secret clearance or higher (TS/SCI preferred); experience on DoD or federal contracts and familiarity with DoD processes.
• Hands-on multi-cloud experience (AWS, Azure, GCP) — strong experience in at least two providers; deep Kubernetes and containerization knowledge (EKS/GKE/OpenShift/RKE2/K3s).
• At least 3+ year proven experience designing and operating CI/CD/GitOps pipelines and pipeline orchestrators (Jenkins, GitLab, GitHub Actions, ArgoCD, etc.).
• At least 3+ proficiency with Terraform, Ansible, or similar; scripting in Bash, Python, or Go.
• Strong background in Zero Trust, IAM, network security (microsegmentation, VPN, load balancing), secrets management, and embedding security into pipelines.
• Experience with platform operations, cluster lifecycle management, upgrades, and automation of routine tasks.
• Strong written and verbal skills; demonstrated ability to lead and mentor teams and present to senior leadership.
• Cloud Platform: One or more from AWS (Solutions Architect Professional, DevOps Pro, Security Specialty), Azure (Solutions Architect Expert, DevOps Engineer Expert), or GCP (Professional Cloud Architect / DevOps / Security Engineer).
• Security: CISSP, CCSP, CEH, or GIAC (GSEC/GCIH) or Security+ CE.
• DoD/Federal: DoD 8140/8570 compliance (Security+ minimum; CISSP/CASP+ preferred).
• Kubernetes: CKA/CKAD, Terraform Associate, CNCF certifications.
• US Citizen.

Nice To Haves

• Active Top Secret/SCI clearance.
• Experience with Navy, Marine Corps, or other service programs and Platform One / DoD Enterprise DevSecOps Reference Design.
• Familiarity with software factory concepts, continuous ATO (cATO), and classified environment automation.
• Familiarity with Agile/SAFe in government contexts.
• Hands-on coding experience (Python, Go, Bash).
• Experience with observability stacks (Prometheus, Fluentd, Loki, Grafana), service mesh (Istio, Envoy), and CNCF ecosystem tooling.

Responsibilities

• Architecture & Strategy: Design enterprise-scale DevSecOps and cloud-native architectures across AWS, Azure, GCP, and on-premise; define technical roadmaps; apply Zero Trust and defense-in-depth principles; lead architecture reviews and threat modeling.
• Platform & Infrastructure: Stand up and maintain secure infrastructure (cloud and on-premise air-gapped), including Kubernetes clusters and container platforms; oversee environment automation and reproducible provisioning.
• CI/CD & Pipelines: Architect and implement CI/CD and GitOps pipelines that integrate security scanning, compliance validation (RMF/NIST), automated testing, and continuous ATO/cATO workflows; design pipeline orchestration using tools such as GitLab CI, Jenkins, GitHub Actions, ArgoCD, and Flux.
• Infrastructure as Code (IaC) & Automation: Champion IaC and environment templatization (Terraform, Ansible, Kustomize, Helm, Jinja, etc.); automate provisioning, configuration management, and operational tasks.
• Security & Compliance: Integrate security controls into pipelines and platforms (secrets management, IAM, microsegmentation); ensure adherence to DoD security frameworks, RMF, and authorization processes; lead security architecture reviews.
• Operations & Upgrades: Maintain and upgrade production infrastructure and Kubernetes clusters; implement observability, monitoring, logging, and incident response practices.

Benefits

• Competitive pay and benefits