Senior AWS DevSecOps Engineer

About The Position

Requirements

• 5+ years in DevSecOps/DevOps with a focus on production AWS environments.
• Proven experience building enterprise-grade pipelines with GitHub Actions and deep technical knowledge of GitHub Advanced Security features.
• Deep hands-on expertise with Amazon EKS, including cluster hardening, OCI-compliant image management, and Helm package management.
• Proficiency in Terraform (modular design, state management) for complex networking and security stacks.
• Practical understanding of NIST SP 800-53, FedRAMP, or DoD RMF and their application to technical configurations in GovCloud.
• Scripting proficiency in Python or Bash for operational automation and security tooling.
• Current AWS Certified DevOps Engineer or Security - Specialty.
• Ability to work effectively remotely in cross-functional teams.
• Ability to meet deadlines and produce quality work.
• Proficient in Microsoft Suite software including Outlook, Word, Excel, SharePoint, and PowerPoint.

Nice To Haves

• Bachelor's degree in Information Technology, Computer Science, Data Science, Engineering, Mathematics, or a related technical discipline.
• 5+ years of professional, hands-on experience in a DevOps or DevSecOps engineering role, including responsibility for production or pre-production environments.
• At least one current AWS certification required, such as AWS Certified Solutions Architect, AWS Certified SysOps Administrator, AWS Certified DevOps Engineer, or AWS Certified Security.

Responsibilities

• Build and maintain hardened AWS GovCloud environments using Terraform, ensuring alignment with NIST 800-53 and FedRAMP baselines.
• Manage lifecycle, networking, and security for Amazon EKS clusters. Orchestrate deployments using Helm charts and GitOps tools (e.g., Argo CD or Flux) to ensure declarative state management.
• Design and implement robust CI/CD pipelines using GitHub Actions. Integrate and configure GitHub Advanced Security (GHAS), including CodeQL for SAST, secret scanning, and dependency review.
• Deploy and scale containerized ML models and data pipelines, optimizing performance and observability in regulated environments.
• Enforce least-privilege via IAM, manage encryption with KMS, and monitor security posture using Security Hub, Config, and GuardDuty.

Benefits

• Competitive salaries and benefits
• SmartBenefits through the Washington Metro Area Transportation Authority
• Tuition assistance may be available for continuing education expenses and certifications related to their position.