DevSecOps Engineer

IDT•Arlington, VA

2d•Hybrid

About The Position

Innovative Defense Technologies (IDT) is seeking a DevSecOps Engineer to join their team in Arlington, VA. IDT specializes in cloud-based integration, automated testing, and data analysis for complex, mission-critical systems within the U.S. Department of Defense (DoD). The DevSecOps team is crucial to this mission, integrating security, automation, and operational practices into the software development lifecycle. They provide a standardized developer platform that includes CI/CD pipelines, security scanning, infrastructure automation, and developer tooling for both connected and classified environments. A significant portion of this work takes place in air-gapped environments, where automation, repeatability, and disciplined processes are essential. In this role, the engineer will improve the developer experience by reducing friction in CI/CD pipelines and platform workflows, ensure software meets strict security and compliance requirements for classified environments, contribute to a repeatable and scalable Software Factory, and support engineers across multiple programs by providing reliable tooling, environments, and guidance. The successful candidate will partner with engineering and security teams to continuously improve the speed, quality, and resilience of IDT's systems.

Requirements

1+ years of professional software or technical experience
Bachelor’s degree in Computer Science, Engineering, or a related field, or equivalent professional experience
U.S. citizenship
Ability to travel up to 10%
Experience in software development processes
Experience with CI/CD concepts and tools (e.g., Jenkins, GitLab CI, CircleCI)
Familiarity with containerization technologies such as Podman and container orchestration with Kubernetes
Understanding of Infrastructure as Code (IaC) principles and tools (e.g., Terraform, Ansible)
Basic scripting and programming skills (e.g., Python, Bash)
Familiarity with version control systems, particularly Git
Strong problem-solving skills and the ability to work collaboratively within a team
Excellent communication skills and a desire to learn and grow

Nice To Haves

Experience working in a DevSecOps or DevOps role
Hands-on experience with cloud platforms/hypervisors (e.g., AWS, vCenter)
Familiarity with secure software development practices and automated security testing tools
Knowledge of monitoring, logging, and alerting tools (e.g., Prometheus, Grafana, ELK Stack)
Experience working in defense, government, or other mission-critical domains
Familiarity with DoD compliance frameworks such as NIST, DISA STIGs, or RMF

Responsibilities

Build, maintain, and troubleshoot CI/CD pipelines using tools such as GitLab CI and Jenkins, following established enterprise patterns
Integrate and operate automated security controls within pipelines, including SAST, SCA, container scanning, SBOM generation, and secrets detection
Support and maintain core Software Factory tooling (e.g., GitLab, artifact repositories, scanning tools, CI/CD infrastructure)
Develop and update Infrastructure as Code (IaC) using tools such as Ansible and Terraform, leveraging standardized templates
Deploy, configure, and maintain containerized workloads using Podman and Kubernetes (RKE2 or similar distributions)
Operate and support DevSecOps platforms within air-gapped classified environments, including: packaging and deploying dependencies, troubleshooting environment-specific issues, supporting repeatable software delivery without external connectivity
Assist in enforcing compliance requirements (e.g., NIST 800-171, DISA STIGs, RMF) through automation and pipeline controls
Investigate and resolve technical issues across CI/CD pipelines, infrastructure, and tooling, documenting root causes and solutions
Gather developer feedback and identify opportunities to improve platform usability, performance, and reliability
Collaborate with software engineers, security teams, and infrastructure teams to support coordinated delivery efforts