Cyber Security Engineer / DevSecOps Engineer

Job summary

Ad Hoc is seeking a Cyber Security Engineer to support the design, implementation, and maintenance of secure technology solutions within the federal government. The role involves working with modern, agile methods to deliver scalable and impactful digital services, particularly for public-sector service delivery. The ideal candidate will have a strong understanding of security requirements and experience in compliance, risk management, and security operations.

Benefits

Qualifications

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Engineering, or related field.
• Five or more years of experience in cybersecurity, DevSecOps, cloud security, or related disciplines.
• Experience supporting federal government contracts and federal information systems.
• Hands-on experience with cloud platforms such as AWS, Azure, or Google Cloud Platform.
• Experience building and maintaining CI/CD pipelines using tools such as GitHub Actions, GitLab CI, Jenkins, or Azure DevOps.
• Experience with container technologies including Docker and Kubernetes.
• Knowledge of Infrastructure as Code (IaC) tools such as Terraform, CloudFormation, or Ansible.
• Experience implementing automated security testing within development pipelines.
• Understanding of secure software development principles and DevSecOps methodologies.
• Strong knowledge of vulnerability management, security monitoring, and incident response.
• Experience supporting compliance efforts under NIST, FISMA, and FedRAMP requirements.
• Experience supporting VA, DoD, HHS, CMS, or other federal civilian agencies.
• Experience with AWS GovCloud or Azure Government environments.
• Familiarity with SIEM and monitoring tools such as Splunk, ELK, DataDog, or Microsoft Sentinel.
• Experience securing Kubernetes and containerized environments.
• Knowledge of zero-trust architectures and cloud-native security controls.
• Experience supporting Authority to Operate (ATO) packages and security assessment.
• Relevant certifications such as CISSP, CISM, or CEH are highly valued.

Responsibilities

• Design, implement, and maintain security controls across cloud and on-premises environments.
• Conduct security assessments, vulnerability analysis, and risk evaluations of applications, infrastructure, and systems.
• Support continuous monitoring activities, including security event analysis and incident response efforts.
• Develop and maintain security documentation, including System Security Plans (SSPs), security procedures, and risk assessments.
• Assist with Authorization to Operate (ATO) activities and ongoing compliance requirements.
• Design, implement, and maintain secure CI/CD pipelines supporting application development and infrastructure deployments.
• Integrate automated security testing into the software development lifecycle.
• Develop Infrastructure as Code (IaC) solutions using tools such as Terraform, CloudFormation, or Ansible.
• Automate security controls, compliance checks, and deployment processes.
• Support Kubernetes, Docker, and cloud-native application deployments.
• Analyze security findings and develop remediation recommendations.
• Support vulnerability management activities, including tracking, prioritization, and remediation verification.
• Participate in security audits and assessments conducted by internal and external stakeholders.
• Monitor emerging threats and recommend improvements to security posture.

Skills

Certifications

Degrees

Industry

Relocation