DevSecOps Lead / Chief Engineer

Zantech•Camp Springs, MD

1d•Hybrid

About The Position

Are you looking for your next challenge? Are you ready to work with a performance-based small company? At Zantech, we are a dynamic Woman Owned Small Business focused on providing complex, mission-focused solutions with a proven track record of outstanding customer performance and high employee satisfaction. We would love to talk with you regarding the next step in your career. Come join our team! Zantech is looking for a talented DevSecOps Lead / Chief Engineer to contribute to the success of our upcoming Applied and Emerging Technology Support project for a Hybrid role based out of Camp Springs, MD. The DevSecOps Lead serves as the technical authority for all DevSecOps engineering activities across USCIS OIT portfolios, bridging gaps between programs with varying levels of DevSecOps maturity. This role requires a hands-on technical leader who can design, implement, and optimize CI/CD pipelines, infrastructure automation, and containerized environments while ensuring compliance with DHS Zero Trust principles. The DevSecOps Lead will establish and disseminate best practices that accelerate secure, reliable digital transformation across the USCIS enterprise.

Requirements

Minimum 10 years of IT engineering experience
Minimum 5 years in DevSecOps, DevOps, or Platform Engineering roles
Minimum 3 years of federal government experience, preferably DHS or civilian agencies
Demonstrated experience designing and implementing enterprise CI/CD solutions
Experience with cloud-native application development and deployment
Track record of successful DevSecOps transformations in complex enterprise environments
Expert-level knowledge of CI/CD tools (Jenkins, GitLab CI/CD, GitHub Actions, or similar)
Deep expertise with container orchestration platforms (Kubernetes, OpenShift, EKS, ECS)
Advanced proficiency with Infrastructure-as-Code tools (Terraform, CloudFormation, Ansible)
Strong scripting abilities (Python, Bash, PowerShell, Go)
Extensive experience with AWS cloud services (EC2, S3, Lambda, RDS, VPC, IAM, etc.)
Expert knowledge of Git workflows and version control strategies
Proficiency with security scanning tools (SonarQube, Veracode, Checkmarx, Twistlock, Aqua)
Experience with monitoring and observability tools (Prometheus, Grafana, ELK Stack, Datadog, Splunk)
Bachelor's Degree in Computer Science, Information Technology, Business Administration, or related field
Certifications (Required - Minimum 2): AWS Certified Solutions Architect - Professional OR Associate Certified Kubernetes Administrator (CKA) OR Certified Kubernetes Application Developer (CKAD) One of: HashiCorp Certified Terraform Associate, Red Hat Certified Specialist in Ansible
US Citizenship and the ability to obtain and maintain an active Public Trust or higher clearance, per contract requirements.

Nice To Haves

Experience with service mesh technologies (Istio, Linkerd)
Knowledge of policy-as-code tools (OPA, Kyverno, Sentinel)
Familiarity with Backstage.io (especially relevant for USCIS Backstage)
Experience with API gateway and management solutions
Knowledge of secrets management tools (Vault, AWS Secrets Manager)
Understanding of software bill of materials (SBOM) and supply chain security
Understanding of Zero Trust Architecture principles and implementation
Knowledge of FedRAMP, FISMA, and NIST frameworks (800-53, 800-171)
Familiarity with DHS security requirements and authorization processes
Understanding of Section 508 compliance requirements
Experience with AWS GovCloud and FedRAMP-authorized services
Knowledge of continuous ATO (cATO) processes
Hands-on experience with USCIS Backstage, CCD, ERDS, or CMI
Experience supporting USCIS immigration systems (ELIS, CIS, CLAIMS, RAPS)
Understanding of USCIS OIT architecture standards and approved technology stack
Familiarity with USCIS Team Managed Deployment (TMD) criteria and processes
Knowledge of USCIS governance review processes
Master's degree preferred
Certifications (Highly Desired): AWS Certified DevOps Engineer - Professional AWS Certified Security - Specialty Certified Information Systems Security Professional (CISSP) GIAC Cloud Security Automation (GCSA) Certified Kubernetes Security Specialist (CKS) GitLab Certified CI/CD Specialist

Responsibilities

Design and implement enterprise CI/CD pipelines with integrated security controls and automated gates
Architect cloud-native solutions using containers, microservices, and serverless technologies
Develop infrastructure-as-code (IaC) templates and reusable deployment patterns
Implement continuous monitoring and observability solutions across applications and infrastructure
Guide migration from monolithic to decomposed, microservices-based architectures
Establish reference implementations for high-performing, scalable platform designs
Integrate security scanning tools (SAST, DAST, SCA, container scanning) into CI/CD pipelines
Implement application and workload security controls aligned with Zero Trust architecture
Ensure compliance with DHS security requirements, FedRAMP, and FISMA standards
Automate security testing and vulnerability remediation workflows
Establish security gates and governance controls within deployment pipelines
Conduct threat modeling and security risk assessments for USCIS applications
Build and maintain CI/CD pipelines using tools such as Jenkins, GitLab CI/CD, GitHub Actions
Automate build, test, and deployment processes to enable Team Managed Deployment (TMD)
Reduce deployment cycle times while improving reliability and security
Implement blue-green, canary, and rolling deployment strategies
Establish automated rollback mechanisms and disaster recovery procedures
Optimize pipeline performance and resource utilization
Manage containerized environments using Kubernetes, Docker, and OpenShift
Implement service mesh technologies for microservices communication
Design and maintain cloud infrastructure in AWS GovCloud
Automate environment provisioning and configuration management
Implement infrastructure monitoring, logging, and alerting solutions
Ensure high availability, scalability, and disaster recovery capabilities
Maximize utilization of USCIS-developed enterprise platforms:
USCIS Backstage: Developer portal integration and plugin development
Container Compliance Dashboard (CCD): Integrate pipeline reporting and compliance metrics
Enterprise Ready Deployment Services (ERDS): Standardize deployment orchestration
Common Microservices Initializer (CMI): Establish patterns for new service creation
Contribute enhancements and feedback to USCIS platform teams
Develop documentation and training materials for enterprise tool adoption
Establish agency-wide DevSecOps principles and guidelines supporting Agile practices
Promote GitOps workflows and declarative configuration management
Implement trunk-based development and feature flagging strategies
Standardize logging, monitoring, and observability practices
Reduce dependencies on proprietary software; promote open-source adoption
Foster collaboration between development, security, and operations teams
Lead DevSecOps engineering team of 8-12 engineers
Provide technical guidance to USCIS product/portfolio teams
Conduct architecture reviews and provide recommendations for improvement
Mentor junior engineers in DevSecOps practices and automation techniques
Stay current with emerging tools and technologies; conduct proof-of-concept evaluations
Present technical topics to USCIS stakeholders and leadership