DevSecOps Engineer

About The Position

Requirements

• Deep proficiency with Docker, ECS Fargate, and the AWS Developer Tools suite (CodeCommit/Pipeline/Build)
• Strong Python or Bash scripting skills to glue tools together.

Nice To Haves

• Active Secret Clearance preferred
• Bachelor’s Degree in Computer Science or Information Systems
• 5+ years working specifically in AWS GovCloud
• Preferred AWS Certified DevOps Engineer - Professional or AWS Certified Security – Specialty

Responsibilities

• Design and manage fully automated pipelines using AWS CodeCommit, CodeBuild, and CodePipeline.
• Integrate automated security scanning tools (SAST/DAST) directly into the build process.
• Secure the supply chain by managing immutable Docker images in Amazon ECR, ensuring only signed and scanned images are deployed.
• Manage serverless container deployments on ECS Fargate.
• Provision all AWS GovCloud resources using Terraform or CloudFormation.
• Build and maintain hardened base images that are pre-patched and STIG-compliant.
• Secure Amazon Redshift clusters handling sensitive government data.
• Implement Column-Level Access Control, ensure strict encryption at rest (KMS) and in transit, and manage VPI/Security Group ingress rules.
• Configure CloudTrail and Redshift Audit Logging to capture every query run against the data warehouse for compliance audits.
• Aggregate logs from CloudWatch, GuardDuty, and Security Hub to provide a real-time "single pane of glass" view of the system's security posture.
• Assist in the Discovery Phase activities of gathering user requirements, business analysis, legacy system analysis, Epic/Story creation, external data integration planning, and product backlog management.

Benefits

• medical, dental, and vision insurance
• life and disability insurance
• 401(k) plan with employer match
• paid holidays
• PTO (sick/vacation)
• commuter benefits
• employee assistance program (EAP)
• educational reimbursement
• Pet Insurance