Senior DevSecOps Architect

Dragonfli Group
Washington, DC
Hybrid

About The Position

This contract role, Senior DevSecOps Architect, supports a large federal agency by embedding security into every stage of the software delivery lifecycle and protecting cloud-native and AI-native applications within a large-scale CI/CD environment. You will design, implement, and operate a robust, self-healing DevSecOps ecosystem, leveraging AI/ML for automated threat detection, optimized code reviews, and security automation, while integrating SAST/DAST/SCA/secret scanning into GitHub Actions, GitLab CI, or Jenkins; building on Kubernetes and Terraform/Pulumi across AWS, Azure, or GCP; implementing Policy as Code with Open Policy Agent (OPA); and strengthening observability using eBPF, Prometheus, and tools such as Dynatrace or Datadog. This role requires seasoned DevSecOps leadership, hands-on technical depth, and strong communication and planning skills to balance rapid delivery with uncompromising security. It's a high-impact opportunity to shape secure software delivery and AI security within a major federal agency.

This is a multi-year contract position involving a large US federal agency. Candidates with previous federal contracting experience are preferred. U.S. Citizenship or Permanent Residency required. If hired, all work related to this role must be performed within the continental U.S.

Requirements

  • 10+ years of IT experience
  • 5+ years dedicated to DevSecOps leadership in high-scale environments
  • Expert-level experience with Kubernetes
  • Expert-level experience with Terraform or Pulumi
  • Hands-on experience with at least one major cloud platform: AWS, Azure, or GCP
  • Mastery integrating SAST, DAST, SCA, and secret scanning into CI/CD (GitHub Actions, GitLab CI, or Jenkins)
  • Hands-on experience securing MLOps pipelines and AI-integrated APIs
  • Proficiency in Python, Go, or Bash for security automation and scripting
  • Deep knowledge of eBPF and Prometheus for observability in modern environments
  • Strong ability to communicate and align DevOps speed with security rigor, including with executive leadership

Nice To Haves

  • Previous federal contracting experience is preferred.

Responsibilities

  • Lead the evolution of the software delivery lifecycle by embedding security into every stage of CI/CD
  • Architect and maintain automated CI/CD pipelines using AI/ML for SAST/DAST to detect complex vulnerabilities
  • Design security frameworks for the end-to-end AI lifecycle, including data ingestion security and model protection
  • Implement guardrail architectures for Large Language Models (LLMs) and AI-native applications
  • Develop AI-driven orchestration (SOAR) to automate triage and remediation of security findings
  • Implement Policy as Code governance using Open Policy Agent (OPA) to enforce compliance across multi-cloud environments
  • Integrate SAST, DAST, SCA, and secret scanning into GitHub Actions, GitLab CI, or Jenkins pipelines
  • Conduct advanced threat modeling for cloud-native applications, including AI-specific attack vectors (e.g., model inversion, data poisoning)
  • Create self-service security tools and Golden Paths to enable secure developer workflows with minimal friction
  • Establish and enhance observability for security and reliability using eBPF, Prometheus, and logging/monitoring platforms (e.g., Dynatrace or Datadog)

Benefits

  • Insurance – health, dental, and vision
  • Paid Time Off (PTO) and 11 Federal Holidays
  • 401(k) employer match