Principal DevSecOps / Platform Engineer

About The Position

Requirements

• Bachelor's degree and 8+ years experience. In lieu of degree 12+ years of hands-on experience
• 5+ years of related experience in Software Engineering, DevOps / DevSecOps technologies
• 3+ years of hands on experience with Kubernetes
• Experience using AI-powered development tools (code assistants, LLM-based tooling, AI-augmented workflows) in daily engineering work — and enthusiasm for pushing their adoption forward
• Hands-on experience with CI/CD pipeline development — GitLab CI strongly preferred; Jenkins, GitHub Actions, or similar accepted
• Experience integrating security scanning tools into automated pipelines (SAST, DAST, SCA, container image scanning)
• Proficiency with Infrastructure as Code (Terraform and/or Ansible)
• Experience with containerization (Docker, Helm, OCI artifacts) and container registry management
• Strong Linux systems skills — administration, shell scripting, troubleshooting
• Solid understanding of Git-based workflows, branching strategies, and GitOps deployment patterns
• Experience working in or deploying to classified or air-gapped environments
• Ability to work across multiple concurrent projects with shifting priorities
• Strong written and verbal communication skills
• Secret Clearance required to start
• US Citizenship Required

Nice To Haves

• Experience with Platform One / Big Bang, Iron Bank baselines, or DoD-hardened Kubernetes distributions
• Familiarity with DoD security and authorization frameworks (NIST 800-53, RMF, cATO, software factory authorization patterns)
• Knowledge of software supply chain security practices — artifact signing, attestation, and SBOM generation (e.g., Sigstore/Cosign, Syft, in-toto)
• Experience deploying or operating AI/ML infrastructure or AI development platforms in enterprise or air-gapped environments (model serving, GPU scheduling on K8s, enterprise code-assistant rollout)
• Experience supporting growth activities — contributing to proposals, RFI responses, or technical briefings, and engaging customers as a technical SME

Responsibilities

• Utilize AI-assisted Development tools and frameworks to: Design, develop, and maintain CI/CD pipelines for build, test, security scanning, and release across unclassified and classified environments
• Integrate and operate security scanning toolchains (SAST, SCA, container scanning, SBOM generation) as automated pipeline stages
• Use AI-assisted development workflows daily — code generation, automated testing, intelligent code review, and documentation — and champion their adoption across teams
• Contribute to the development of agentic AI capabilities including tool orchestration, prompt engineering, and workflow automation
• Build tooling and automation to support continuous Authority to Operate (cATO) processes, including automated evidence collection, compliance reporting, and policy enforcement
• Develop and maintain hardening pipeline templates that product teams consume for secure-by-default software delivery
• Support platform's security pipeline layer — build, test, and release process for software packages that include both application code and runtime platform components
• Implement and enforce software supply chain security controls (signing, provenance, artifact integrity)
• Troubleshoot build and deployment failures, support development teams consuming shared pipeline services
• Deploy and operate Kubernetes clusters (Big Bang / Iron Bank baseline) in classified (CUI/IL5) environments
• Deploy, configure, and support AI-powered development tools (GitLab Duo, LLM-based code assistants, agentic AI frameworks) for platform consumers and internal team use
• Support AI/ML platform infrastructure (model serving, GPU workloads, data pipelines) as part of the broader platform offering
• Stand up and maintain shared platform services: Harbor (container registry), Nexus (artifact repository), Vault (secrets management), ArgoCD (GitOps deployment)
• Implement Infrastructure-as-Code for environment provisioning, cluster lifecycle, and configuration management (Terraform, Ansible)
• Support multi-cluster management and hub-and-spoke deployment models — build in shared services, deploy into downstream accounts
• Configure and troubleshoot network connectivity, Zscaler integration, and Okta/SAML identity federation for platform consumers
• Contribute to platform evolution including self-service namespaces, developer onboarding, and golden-path templates
• Maintain and improve multiple production software factory environments serving diverse federal customers
• Contribute to runbooks, operational documentation, and incident response procedures

Benefits

• Comprehensive benefits and wellness packages
• 401K with company match
• Competitive pay
• Paid time off
• AI-powered career tool that identifies career steps and learning opportunities
• Internal mobility team focused on helping you achieve your career goals
• Variety of medical plan options, some with Health Savings Accounts
• Dental plan options
• Vision plan
• 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match
• Full flex work weeks where possible
• Variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave
• 15 days of paid leave per calendar year to be used for vacations, personal business, and illness
• 10 paid holidays per year
• Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees
• Short and long-term disability benefits
• Life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance