DevSecOps Solution Architect

About The Position

Requirements

• Bachelor's degree in Computer Science, Software Engineering, Computer Engineering, Information Systems, Cybersecurity, or a related technical field.
• Ability to obtain and maintain a Public Trust, suitability determination, or other clearance level required.
• 7–10 years of progressive experience in software engineering, DevOps, DevSecOps, cloud architecture, cybersecurity engineering, or related technical disciplines.
• Demonstrated experience designing and implementing enterprise DevSecOps solutions in complex environments.
• Experience developing and managing CI/CD pipelines supporting secure software delivery.
• Hands-on experience with Infrastructure as Code (IaC) frameworks and automated deployment methodologies.
• Experience integrating automated security controls and testing into software delivery pipelines.
• Experience supporting federal cybersecurity compliance requirements and security authorization processes.
• Experience leading technical teams and providing architectural guidance across multiple projects or programs.
• Experience supporting cloud migration, application modernization, or digital transformation initiatives.
• Strong knowledge of secure software development lifecycle (SSDLC) processes.
• Strong knowledge of Microsoft Azure
• Experience with the following toolset: GitHub Enterprise Server/Cloud, JFrog Artifactory, JFrog Xray, SonarQube, GitHub Advanced Security, GitHub Copilot, and Subject7
• Knowledge of containerization and infrastructure technologies including Azure Kubernetes Services (AKS), Virtual Machines, Application Gate Way, App Services, Key Vaults, ServiceNow, CyberArk, and Terraform
• Experience implementing security automation and vulnerability management solutions.
• Strong understanding of application security principles, secure coding practices, and threat modeling techniques.
• Knowledge of federal cybersecurity frameworks and standards including: NIST Cybersecurity Framework (CSF), NIST 800-53, NIST Secure Software Development Framework (SSDF), Federal Information Security Modernization Act (FISMA), Risk Management Framework (RMF), Zero Trust Architecture.
• Excellent written and verbal communication skills with the ability to convey complex technical concepts to diverse audiences.

Nice To Haves

• Microsoft Azure Solutions Architect Expert certification
• Certified Kubernetes Administrator (CKA) certification
• Certified Kubernetes Security Specialist (CKS) certification

Responsibilities

• Design, implement, and maintain enterprise DevSecOps architectures that integrate security throughout all phases of the SDLC.
• Develop and optimize CI/CD pipelines to support automated, secure, and reliable application delivery.
• Establish reference architectures, technical standards, engineering patterns, and best practices for DevSecOps implementations.
• Design and implement Infrastructure as Code (IaC) solutions to automate infrastructure provisioning, configuration management, and deployment activities.
• Integrate automated security testing into software delivery pipelines, including: Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), Container and image scanning, Secret detection and credential management, and Infrastructure security scanning.
• Design secure cloud-native and hybrid-cloud architectures utilizing modern platform services and security controls.
• Ensure compliance with federal cybersecurity requirements, including NIST, FISMA, RMF, Zero Trust, and agency-specific security standards.
• Support continuous Authority to Operate (ATO) initiatives through the development of architecture artifacts, security documentation, risk assessments, and compliance evidence.
• Evaluate emerging technologies, tools, and practices to improve platform security, efficiency, scalability, and resilience.
• Lead architecture reviews, technical design sessions, and security assessments.
• Develop strategies to reduce technical debt and improve application maintainability and operational effectiveness.
• Create technical roadmaps that align DevSecOps capabilities with organizational goals and modernization initiatives.
• Provide technical mentorship and leadership to DevSecOps engineers, software developers, and infrastructure teams.
• Support incident response, vulnerability remediation efforts, and continuous monitoring initiatives as required.

Benefits

• Competitive salaries
• Performance bonuses
• Training and educational reimbursement
• Transamerica 401(k) with company match
• Cigna healthcare benefits
• PTO available to use immediately upon joining (prorated based on start date)
• Paid parental leave
• Individual and family health, vision, and dental benefits
• Annual budget for training, professional development and tuition reimbursement