Secure Software Delivery Engineer
About The Position
PeopleTec is currently seeking a Secure Software Delivery Engineer to support our Huntsville, AL location. PeopleTec is hiring a Secure Software Delivery Engineer for our Software Deployment Team. The team's mission is to deliver GOTS and COTS software into an accredited environment by ensuring all artifacts are properly STIG'd, hardened, scanned, validated, and ready for delivery through the DevSecOps CD pipeline. This engineer is hands-on with the onboarding, hardening, and release of non-infrastructure applications, Kubernetes images, VMs, and executables, and owns the day-to-day pipeline work that gets software from vendor to accredited environment.
Requirements
- 4+ years in DevSecOps, software deployment, platform engineering, or related.
- Hands-on experience with Kubernetes and container workflows (Docker, Podman, or equivalent).
- Hands-on experience with CI/CD pipelines (GitLab, Jenkins, or equivalent).
- Working knowledge of DISA STIGs, SCAP, and hardening practices.
- Experience with vulnerability scanning tools (ACAS/Nessus, Trivy, Anchore, or Prisma/Twistlock).
- Familiarity with image signing and SBOM tooling (Cosign, Sigstore, Syft, or equivalent).
- Scripting proficiency in Bash, Python, or PowerShell.
- Must be a U.S. Citizen
- An active DoD TS/SCI clearance is required to perform this work. Candidates must be able to obtain a TS/SCI clearance, and the ability to maintain this level of clearance during their employment.
- Bachelor's degree in Computer Science, Software Engineering, Cybersecurity, or related field (additional experience may substitute).
Nice To Haves
- Active TOP SECRET or TS/SCI clearance.
- Experience deploying COTS or GOTS software in DoD or federal accredited environments.
- DoD 8570 / 8140 IAT II or higher (Security+, CISSP, or equivalent).
- Familiarity with GitOps tooling (ArgoCD, Flux) and infrastructure-as-code (Terraform, Ansible).
- Familiarity with RMF and the ATO process.
- Experience with classified or air-gapped deployment pipelines
Responsibilities
- Onboard and manage the lifecycle of GOTS and COTS software, including Kubernetes images, VMs, and executables.
- Apply STIGs, harden artifacts, and execute scans (vulnerability, compliance, malware) as part of the intake and release process.
- Build and maintain reusable CD pipeline components and container security guardrails for non-infrastructure applications.
- Validate image provenance, signatures, and SBOMs; flag and remediate supply-chain issues.
- Execute release readiness, security, and compliance checks before delivery into the accredited environment.
- Author and maintain vendor deployment guides and delivery patterns.
- Configure, operate, and maintain non-infrastructure applications in the accredited environment.
- Coordinate with vendors, security, and accreditation teams to resolve findings and unblock releases.
Benefits
- continuing-education opportunities
- robust training programs
- "People First" benefits package
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
