DevSecOps Engineer

About The Position

Requirements

• Expertise in designing, implementing, and optimizing secure, scalable CI/CD pipelines in highly regulated and secure environments.
• Hands-on experience with modern DevSecOps tools, platforms, and methodologies, including GitLab, Kubernetes, image scanning, static analysis tools, and software signing tools like Cosign.
• Experience with tools like GitLab, Terraform Helm, or Ansible.
• Experience building and managing Kubernetes clusters.
• Knowledge of security best practices, including Role-Based Access Control (RBAC), namespace isolation, and secure ingress/egress traffic configurations.
• Experience working within a secure, air-gapped IL6 environment.
• Experience implementing robust processes to ensure compliance with DoD or other regulatory frameworks.
• Experience designing solutions to securely handle sensitive data, binaries, and infrastructure in disconnected networks.
• Experience integrating DevSecOps tools such as image scanners, static code analysis tools, Cosign for software signing, and vulnerability management frameworks into the pipeline.
• Experience managing, configuring, and maintaining Windows Server (Active Directory, Group Policy, DNS, DHCP).
• Experience implementing and ensuring the security and availability of Windows and Linux systems, including patch management, vulnerability assessments, and compliance with organizational policies.
• Experience automating recurring tasks using scripting tools like PowerShell, Python, or Bash.
• Experience troubleshooting issues within Windows (file systems, network connectivity, performance, and authentication).
• Experience planning and executing upgrades, migrations, and installations for both Windows and Linux systems.
• Experience developing and delivering technical documentation, including CI/CD pipeline configurations, workflow processes, and build instructions.

Responsibilities

• Deploy and maintain secure CI/CD pipelines that support the full software development lifecycle using tools like GitLab, Terraform Helm, or Ansible .
• Deploy and maintain multi-stage CI/CD pipelines (e.g., build, test, scan, release, deploy) for efficient, secure delivery of applications.
• Build and manage Kubernetes clusters in development, testing, and production environments.
• Ensure security best practices, including Role-Based Access Control (RBAC), namespace isolation, and secure ingress/egress traffic configurations.
• Deploy tools and processes to enable rapid provisioning and repeatability while maintaining compliance with cyber and operational standards.
• Work within a secure, air-gapped IL6 environment and implement robust processes to ensure compliance with DoD or other regulatory frameworks.
• Design solutions to securely handle sensitive data, binaries, and infrastructure in disconnected networks.
• Integrate DevSecOps tools such as image scanners, static code analysis tools, Cosign for software signing, and vulnerability management frameworks into the pipeline.
• Manage, configure, and maintain Windows Server (Active Directory, Group Policy, DNS, DHCP).
• Implement and ensure the security and availability of Windows and Linux systems, including patch management, vulnerability assessments, and compliance with organizational policies.
• Automate recurring tasks using scripting tools like PowerShell, Python, or Bash to improve operational efficiency.
• Troubleshoot issues within Windows (file systems, network connectivity, performance, and authentication).
• Plan and execute upgrades, migrations, and installations for both Windows and Linux systems.
• Collaborate with cross-functional teams to ensure systems integration and operational effectiveness.
• Develop and deliver technical documentation, including CI/CD pipeline configurations, workflow processes, and build instructions