DevSecOps Engineer
About The Position
Dark Wolf is seeking a DevSecOps Engineer to support the development and sustainment of a cloud-based platform that enables cyber operations. The successful candidate will architect a centralized secure image factory, integrate proprietary scanning tools, and manage the supply chain of hardened containers. The team provides support to enhance and develop new applications, analytics, and services for the customer and to modernize capabilities through an agile, evolving requirement identification and prioritization process. This position will call for support at a main DW supported office location. Tasks may include assisting with:
Requirements
- Bachelor’s degree in IT Security, Information Systems, or equivalent
- Minimum of 4+ years of experience working with commercial cloud service providers (AWS, Azure, or GCP)
- Extensive experience with Containerization (Docker, Kubernetes) and Container Security
- Experience designing Infrastructure as Code solutions using Terraform or Ansible
- Strong proficiency in CI/CD tooling (GitLab CI, Jenkins, ArgoCD, or similar)
- Experience with Linux administration and hardening
- Demonstrated knowledge of DevSecOps processes and software supply chain security (SBOMs, signing, verification)
- Strong analytical and problem-solving skills with the ability to work independently and manage multiple projects
- US Citizenship and ability to be clearable up to the Top Secret clearance with SCI eligibility
Nice To Haves
- Experience with Chainguard images and low-CVE container strategies
- Experience working with Platform One, Iron Bank, or similar DoD software factories
- Experience with proprietary fuzzing or scanning pipelines
- Experience deploying and maintaining AWS services including ECR, S3, and RDS
- Industry certifications, such as AWS Certified Solutions Architect, Security+, or CCNA.
Responsibilities
- Deploying and maintaining a centralized artifact repository on cloud-native architecture (AWS/Azure).
- Building and maintaining CI/CD pipelines to automate the ingestion, scanning, and publishing of secure container images.
- Integrating low-CVE base images (e.g., via Chainguard) into the development supply chain.
- Implementing and managing automated compliance scanning tools (SAST/DAST/Fuzzing) within the build pipeline.
- Implementing Infrastructure as Code (IaC) using Terraform or similar tools to stand up secure environments.
- Developing best practices to increase the velocity of secure image updates and patch management.
- Ensuring system performance and availability while troubleshooting and resolving technical issues within the container lifecycle.
- Collaborating with other teams to develop and implement technical solutions for secure software delivery.
- Automating repetitive tasks to increase efficiency and reduce errors in the image hardening process.
- Documenting infrastructure configurations, processes, and procedures for secure supply chain management.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
