SME DevSecOps Engineer

About The Position

Requirements

• Bachelor's degree with 12+ years of experience (or commensurate experience).
• Active Secret clearance with ability to obtain and hold DEA suitability.
• Strong proficiency with AWS services used in modern DevSecOps platforms, including IAM, ECS/EKS, Lambda, EC2, S3, CloudWatch, CloudTrail, KMS, Secrets Manager, and VPC‑level security controls.
• Hands‑on experience designing, building, and maintaining enterprise‑grade CI/CD pipelines using GitHub Actions or other YAML‑based automation frameworks.
• Expertise in infrastructure‑as‑code using Terraform, CloudFormation, or CDK, including modular design, environment provisioning, and enforcing configuration baselines.
• Strong understanding of containerization technologies such as Docker and Kubernetes, including image hardening, policy enforcement, admission controls, network policies, and automated image scanning.
• Experience implementing DevSecOps security controls such as SAST, SCA, IaC scanning, dependency validation, secrets detection, and supply‑chain protection within the CI/CD pipeline.
• Experience with cloud‑native networking, load balancers, service mesh, and secure service‑to‑service communication patterns.
• Proficiency in setting up automated test frameworks (unit, integration, API, smoke, regression) and incorporating them into the pipeline.
• Familiarity with logging, monitoring, and observability stacks such as ELK/OpenSearch, Prometheus/Grafana, AWS CloudWatch, or Datadog.
• Experience with automated deployment strategies, including blue/green, canary, and rolling deployments.
• Strong knowledge of Linux fundamentals, shell scripting, and troubleshooting distributed cloud systems.
• Experience implementing Zero Trust‑aligned security principles (least privilege, identity‑centric access, secrets management, configuration hardening) within DevSecOps workflows.
• Ability to diagnose and resolve performance, build, deployment, and pipeline reliability issues across multiple environments.
• Experience supporting or collaborating with development, cloud engineering, cybersecurity, and operations teams in an Agile environment.
• Excellent documentation skills for pipeline designs, runbooks, IaC modules, architecture diagrams, and operational procedures.

Responsibilities

• Defines, develops, and deploys cloud hosting and pipeline infrastructure to automate the software development lifecycle.
• Designs and implements privacy and security best practices across all pipeline stages, ensuring that continuous integration, testing, and deployment are executed securely and efficiently.
• Leads development teams in applying security gates, automated builds, and testing within the pipeline.
• Resolves architectural or operational issues affecting the pipeline or cloud‑hosting environment.