DevSecOps Engineer

About The Position

Requirements

• Bachelor's degree in science, Technology, Engineering, Mathematics, IT, or business-related programs.
• 8+ years of experience in Software Development, Agile, DevOps, or Lean process transformation.
• 8+ years of experience in automation development or systems integration.
• 5+ years of experience with one or more scripting or programming knowledge (e.g., Python, PowerShell, JavaScript).
• Must have DoD 8140/8570 baseline security certification (such as CompTIA Security+, CASP+, or CISSP) or a cloud-specific security certification (e.g., AWS Certified Security - Specialty).
• Must have an active Secret clearance with the ability to obtain TS with SCI eligibility.

Nice To Haves

• 5+ years’ experience supporting DoD or federal programs is highly desirable.
• Cloud-Specific ML Certifications such as Azure AI Engineer Associate (AI-102) or AWS Certified Machine Learning – Specialty.
• 3+ years’ experience with Vantage or Gaberiel Nimbus.
• Experience with tools such as Jira, Azure DevOps, Git, and CI/CD platforms.
• Experience in interpreting data and presenting analysis and recommendations to management.
• Must have high proficiency in the Microsoft Office suite and possess advanced skills and knowledge in programs like Word, Excel, PowerPoint, and Outlook.
• Experience deploying and securing containers.
• Experience utilizing Terraform.
• Must understand cloud technologies (e.g., AWS, Azure, GCP, Oracle) and hybrid cloud environment.
• Proficiency in multiple scripting and programming languages (Python, Java, Bash, Go).
• Hands-on experience with infrastructure automation tools.
• Experience with agile methodologies and DevSecOps practices.
• Knowledge of cloud security best practices.
• Excellent interpersonal communication, facilitation, and leadership skills to effectively coordinate teams and communicate with stakeholders.
• Experience with relevant technologies and tools like SIEM systems, firewalls, VPNs, data encryption, cloud platforms (AWS, Azure, Google Cloud), and endpoint protection.
• Skillful time management and organizational skills to set and meet deadlines.
• Ability to work both independently and within a team.
• Ability to work effectively in a team environment to encourage collaboration, innovation, and continuous improvement.
• Ability to meet minimum clearance requirements.
• Ability to work nights, weekends, and holidays as required.
• Ability to travel up to 10%.

Responsibilities

• Provide leadership in Development, Security, and Operations (DevSecOps) areas of incident response, vulnerability scanning and management, problem management, certificate management, penetration testing, password policy management, data analysis of network security, remediation patching coordination, and compliance efforts.
• Choose and implement the appropriate automated application security testing tools, making users aware of how to best use application security features.
• Collaborate with team members to develop an automated security framework for strong deployment tools and processes, leveraging various scripting languages and open source solutions.
• Recommend automation improvements to replace manual tasks for operational processes.
• Gather requirements, design and implement solutions, manage technical operations, and triage and fix OT, network, or security operational issues.
• Perform network or security analysis and troubleshooting; diagnose root cause analysis, using monitoring tools and system analytics; and apply system patches to DevOps tooling.
• Provide technical support and guidance to users and other DevOps Engineers, answer technical questions, and resolve issues within network and security domains.
• Update security procedures and create and maintain operations runbooks to report procedures and operations, so team members won't re-encounter known issues.
• Set up, conduct risk assessments, monitor, and maintain proxy servers, systems, and firewalls.
• Perform application penetration testing and manual security code reviews.
• Support development of value stream mapping, backlog management, and metrics for operational effectiveness and flow.
• Utilize tools such as Jira, Azure DevOps, and ServiceNow to enable automated pipelines, tracking, and synchronization of development and security workflows.
• Ensure alignment with DoD enterprise Agile guidance and modernization initiatives.
• Collaborate with the team to tailor DevSecOps frameworks to governments' specific security, policy, and operational environments.
• Automate deployment processes to enhance the release management lifecycle.
• Resolve validation and deployment errors promptly.
• Work productively within an agile, sprint-based environment, adhering to all applicable levels of reporting to the project manager
• Promote the use of modern, cloud native developments tools aligned with the Government’s enterprise cloud and digital initiatives.
• Other duties as assigned.

Benefits

• professional development plan
• on-the-job learning experiences
• formal development programs
• well-being programs