DevSecOps Engineer

About The Position

Requirements

• Five years of experience in DevSecOps, infrastructure automation, or continuous integration and continuous delivery (CI/CD) pipeline engineering.
• Hands-on experience with Terraform and OpenTofu, including modules, remote state, and workspace management.
• Proficiency with Ansible, including playbooks, roles, inventories, and secrets handling.
• Demonstrated experience designing and maintaining GitHub Actions workflows.
• Working knowledge of Docker, Kubernetes, Helm, and container security scanning tools.
• Familiarity with SAST tools, secrets scanning, policy-as-code frameworks, and Git-based workflows.
• Ability to meet federal screening and suitability requirements prior to start.

Nice To Haves

• Experience in regulated or federal environments.
• Familiarity with National Institute of Standards and Technology (NIST) Special Publication 800-53, the Federal Information Security Modernization Act (FISMA), and Federal Risk and Authorization Management Program (FedRAMP) compliance requirements.
• Amazon Web Services (AWS) cloud platform experience.
• Experience with secrets management tools such as HashiCorp Vault, plus Python and Bash scripting.

Responsibilities

• Maintain, extend, and improve infrastructure-as-code repositories using Terraform and OpenTofu.
• Develop and maintain configuration-as-code assets using Ansible.
• Build, maintain, and improve GitHub Actions workflows for build, test, scanning, and deployment automation.
• Support containerized delivery using Docker and Kubernetes, including manifests, Helm charts, role-based access control (RBAC), and image hardening and scanning.
• Integrate security practices into delivery pipelines, including static application security testing (SAST), secrets scanning, policy-as-code, and compliance hardening.
• Participate in stand-ups, sprint planning, technical reviews, peer reviews, and documentation updates.