DevSecOps Engineer

About The Position

Requirements

• Bachelor's degree in Information Technology or a related field preferred
• Formal education requirements may be waived based on 4 years of relevant professional experience
• Hands-on experience with Terraform and/or OpenTofu, including module development, remote state management, and workspace management
• Proficiency with Ansible, including playbook and role development, dynamic inventories, and Ansible Vault for secrets management
• Demonstrated experience designing and maintaining GitHub Actions workflows, including reusable workflows and security gate integration
• Working knowledge of Docker image authoring and hardening, Kubernetes manifest and Helm chart management, and container security scanning
• Familiarity with SAST tools (Semgrep, Checkov, tfsec), secrets scanning (Gitleaks, Detect-Secrets), and policy-as-code frameworks (OPA/Rego)
• Proficiency with Git-based workflows, including branching strategies, pull request reviews, and protected branch enforcement
• Experience in a federal or highly regulated environment
• Familiarity with NIST SP 800-53, FISMA, and FedRAMP compliance requirements
• Cloud platform experience (AWS)
• Experience with secrets management tools such as HashiCorp Vault
• Scripting proficiency in Python and Bash
• Must possess or be eligible to obtain and complete a Public Trust background investigation and/or a Public Trust clearance.
• Public Trust Tier 2 clearance required.
• Must be a U.S. Citizen

Responsibilities

• Maintain, extend, and improve Terraform and OpenTofu codebases for provisioning and managing hybrid cloud infrastructure; manage state files and remote backends within approved change control processes
• Develop and maintain Ansible playbooks and roles to automate system configuration, compliance enforcement, patch management, and application deployment
• Build, maintain, and improve GitHub Actions workflows incorporating security gates, including SAST, dependency scanning, secrets detection, and policy-as-code validation
• Support containerized application delivery using Docker for image builds and Kubernetes for orchestration; manage Dockerfiles, Kubernetes manifests, Helm charts, and RBAC configuration
• Integrate security practices throughout the software delivery lifecycle, enforcing CIS benchmarks and supporting NIST SP 800-53 and FISMA compliance requirements
• Participate in stand-ups, sprint planning, and peer code reviews; maintain clear records of all changes to shared codebases and pipelines

Benefits

• Virtual health visits
• commuter perks
• pet insurance
• entertainment discounts
• Annual performance reviews
• tuition assistance
• internal career growth opportunities
• Generous 401(k) matches
• life and disability insurance
• financial wellness tools
• Annual awards
• service anniversaries
• referral bonuses
• peer-to-peer shoutouts
• Healthcare coverage
• wellness programs
• flu shots
• biometric screenings