Senior DevSecOps Engineer

SAIC accepts applications on an ongoing basis and there is no deadline. SAIC® is a premier Fortune 500® mission integrator focused on advancing the power of technology and innovation to serve and protect our world. Our robust portfolio of offerings across the defense, space, civilian and intelligence markets includes secure high-end solutions in mission IT, enterprise IT, engineering services and professional services. We integrate emerging technology, rapidly and securely, into mission critical operations that modernize and enable critical national imperatives. We are approximately 24,000 strong; driven by mission, united by purpose, and inspired by opportunities. SAIC is an Equal Opportunity Employer. Headquartered in Reston, Virginia, SAIC has annual revenues of approximately $7.5 billion. For more information, visit saic.com . For ongoing news, please visit our newsroom . SAIC is seeking DevSecOps Engineer to join our team. The DevSecOps Engineer can work at one of the following SAIC locations\: San Diego, CA, Charleston, SC, or Panama City, FL. Role Overview Role\: Platform Engineer building and running our internal developer platform (CI/CD, Kubernetes, pipelines and automation) for both connected and air-gapped environments. Core tooling\: GitLab for source control and pipelines; Ansible as the primary automation language; Python for helpers/tests; Helm for Kubernetes deployments; MkDocs/ADRs for documentation. Platform stack\: RKE2/Kubernetes on VMware/vSphere/NSX-T, with Rancher, Cilium networking, MetalLB/Traefik ingress, cert-manager, and BIND/DNS; Harbor as the container registry. Delivery expectations\: trunk-based GitLab workflows, deterministic pipelines with built-in testing and security scans, evidence (JUnit/SBOM/scan) attached to every change, no manual “click-ops.” Supply chain and air-gap hygiene\: checksum/signature/SBOM-driven movement of artifacts, RPM/PyPI mirroring via reposync and Pulp, offline scanning and promotion for high-side environments. Security and identity\: secret hygiene by default, Keycloak/SSO integration familiarity, and comfort with vulnerability/misconfig scanning in CI (SAST, IaC, secret detection, Semgrep/KICS, Trivy/pip-audit).