DevSecOps Lead

About The Position

Requirements

• 10+ years experience in software development, DevOps, or platform engineering
• 5+ years hands-on experience with GitLab CI/CD in enterprise environments
• Experience operating pipelines with containers, EC2 runners, ECS deployments, and Postgres
• Strong background in secure DevSecOps practices, automated testing, and pipeline governance
• Familiarity with DoD cloud environments, preferably cARMY / ECMA
• Experience integrating SAST/DAST, dependency scanning, and container security tools- Strong understanding of microservices, container orchestration, and cloud networking
• Bachelor's degree in Computer Science, Information Systems, Software Engineering, or related field
• Active Secret security clearance required

Nice To Haves

• Master's degree preferred

Responsibilities

• Pipeline Architecture & Operations Design, implement, and maintain GitLab Enterprise CI/CD pipelines for Java/Spring Boot and containerized applications
• Manage EC2-based GitLab runners, autoscaling groups, and secure execution environments
• Build and maintain deployment workflows targeting Amazon ECS (Fargate or EC2 launch types)
• Implement artifact versioning, promotion workflows, and environment-specific deployment gates
• Ensure pipelines support deterministic AI-generated code integration and reproducible builds
• Security, Compliance & cARMY Integration Ensure all pipelines comply with Army ECMA/cARMY security policies, boundary controls, and audit requirements
• Integrate STIG-aligned scanning, dependency checks, SAST/DAST, and container security tooling
• Maintain traceability and documentation required for ATO, RMF, and continuous monitoring
• Enforce least-privilege IAM roles, credential management, and secure secrets handling
• Automated Testing & Quality Gates Integrate JUnit, mocking frameworks, and automated test suites into CI/CD workflows
• Ensure pipelines enforce quality gates before merge, promotion, or deployment
• Support integration testing, smoke testing, and environment validation steps
• Infrastructure & Environment Management Manage container registries, image hardening, and secure image lifecycle
• Support ECS service deployments, task definitions, and container orchestration workflows
• Coordinate EC2, VPC, networking, IAM, and ECS cluster configurations with platform teams
• Support Postgres database provisioning, migrations, and pipeline-driven schema updates
• Maintain environment parity across dev, test, staging, and production
• Cross-Team Collaboration Work closely with developers, integration teams, QA, cybersecurity, and platform engineering
• Provide guidance on pipeline readiness, deployment blockers, and DevSecOps best practices
• Support release readiness reviews and operational documentation

Benefits

• Company-supported medical, dental, vision, life, STD, and LTD insurance
• Benefits include 11 federal holidays and PTO
• Eligible employees may receive performance-based incentives in recognition of individual and/or team achievements.
• 401(k) with company matching
• Flexible Spending Accounts for commuter, medical, and dependent care expenses
• Tuition Assistance
• Charitable Contribution matching