Principal DevSecOps Engineer

KBR, Inc.•Dayton, OH

1d•Hybrid

About The Position

KBR’s National Security Solutions team provides high-end engineering and advanced technology solutions to customers in the intelligence and national security communities. In this position, your work will have a profound impact on the country’s most critical role – protecting our national security. KBR is seeking a highly motivated and experienced Systems Engineer and Lead in DevSecOps to be a part of the team that supports the Department of the Air Force advanced air platform testing and rapid development. This role would also support future development within KBR’s corporate infrastructure. KBR’s work is at the forefront of engineering, logistics, operations, science, program management, mission IT and cybersecurity solutions. The company fosters a dynamic team that thrives on collaboration and innovation, providing a supportive and intellectually stimulating workplace. Your contributions will be pivotal in designing and optimizing defense systems that ensure national security and shape the future of space defense.

Requirements

Bachelors in Computer Science, Computer Engineering, Electrical Engineering, or related field
7 to 10 years of experience in software development, systems engineering, platform engineering, or DevOps roles
Expert level experience building container images with Podman, Docker, Kaniko, Skopeo
Familiarization with Universal Base Images (UBI)
Expert-level experience building and optimizing build pipelines with GitLab CI/CD, including use of CI templates or CI components
Proficiency in implementing security scan execution policies and pipeline security scans
Familiar with Trivy, Semgrep, and Gemnasium (or other SBOM based dependency scans)
Expert-level experience with package managers for Java, Python and Node
Proficient with Red Hat Enterprise Linux 8.10 or higher
Active DoD Secret [or higher] clearance
Ability to work independently and as part of a team

Nice To Haves

Familiarization with k3s and k8s desired
Technical leadership and systems thinking
Excellent problem-solving skills and Risk‑based decision making

Responsibilities

Serve as the DevSecOps subject-matter expert and architectural authority
Define standards, reference architectures, and best practices used across teams
Design and implement secure, scalable, and highly available cloud and hybrid platforms
Embed security controls directly into: CI/CD pipelines, Infrastructure‑as‑code, Container platforms and deployment workflows
Evaluate, select, and integrate DevSecOps tooling, including SAST, DAST, SCA Secrets management, encryption, and identity integration, Container security
Lead implementation of containerized platforms (Docker, Kubernetes, OpenShift, etc.)
Integrate identity access management, secrets management, and encryption into pipelines and platforms
Troubleshoot complex system, pipeline, and security issues across environments
Act as a trusted technical advisor to engineering, security, and platform teams
Mentor engineers and elevate DevSecOps maturity across the organization
Lead technical reviews, architecture discussions, and root cause analyses
Communicate risk, tradeoffs, and recommendations clearly to technical and non-technical leadership
Actively maintain security vulnerability assessment databases for third-party application dependency scans and operating system level scans
Actively monitor GitLab Security Dashboards for new vulnerabilities detected in software products and work with developers to remediate
Maintain and enforce compliance frameworks across projects
Maintain the software release pipeline
Ensure base container images are regularly updated to include latest security patches and updates