DevSecOps Engineer

Job summary

The DevSecOps Engineer will implement solutions to support the platform for tool development, automation, and AI/ML integrations, specifically for Cybersecurity and Cyber Space Operations Teams. This role involves providing leadership in DevSecOps areas, implementing automated application security testing tools, and collaborating on an automated security framework.

Qualifications

• Bachelor's degree in science, Technology, Engineering, Mathematics, IT, or business-related programs.
• 8+ years of experience in Software Development, Agile, DevOps, or Lean process transformation.
• 8+ years of experience in automation development or systems integration.
• 5+ years of experience with one or more scripting or programming languages (e.g., Python, PowerShell, JavaScript).
• Active DoD 8140/8570 baseline security certification (such as CompTIA Security+, CASP+, or CISSP) or a cloud-specific security certification (e.g., AWS Certified Security - Specialty).
• Active Secret clearance with the ability to obtain TS with SCI eligibility.
• 5+ years’ experience supporting DoD or federal programs (highly desirable).
• Cloud-Specific ML Certifications such as Azure AI Engineer Associate (AI-102) or AWS Certified Machine Learning – Specialty.
• 3+ years’ experience with Vantage or Gaberiel Nimbus.
• Experience with tools such as Jira, Azure DevOps, Git, and CI/CD platforms.
• Experience interpreting data and presenting analysis and recommendations to management.
• High proficiency in the Microsoft Office suite, including Word, Excel, PowerPoint, and Outlook.
• Experience deploying and securing containers.
• Experience utilizing Terraform.
• Understanding of cloud technologies (e.g., AWS, Azure, GCP, Oracle) and hybrid cloud environments.
• Proficiency in multiple scripting and programming languages (Python, Java, Bash, Go).
• Hands-on experience with infrastructure automation tools.
• Experience with agile methodologies and DevSecOps practices.
• Knowledge of cloud security best practices.
• Excellent interpersonal communication, facilitation, and leadership skills to effectively coordinate teams and communicate with stakeholders.

Responsibilities

• Provide leadership in Development, Security, and Operations (DevSecOps) areas including incident response, vulnerability scanning and management, problem management, certificate management, penetration testing, password policy management, data analysis of network security, remediation patching coordination, and compliance efforts.
• Choose and implement appropriate automated application security testing tools, educating users on their best use.
• Collaborate with team members to develop an automated security framework for deployment tools and processes, leveraging scripting languages and open source solutions.
• Recommend automation improvements to replace manual operational tasks.
• Gather requirements, design and implement solutions, manage technical operations, and triage and fix OT, network, or security operational issues.
• Perform network or security analysis and troubleshooting; diagnose root cause analysis using monitoring tools and system analytics; and apply system patches to DevOps tooling.
• Provide technical support and guidance to users and other DevOps Engineers, answering technical questions and resolving issues within network and security domains.
• Update security procedures and create and maintain operations runbooks to document procedures and operations.
• Set up, conduct risk assessments, monitor, and maintain proxy servers, systems, and firewalls.
• Perform application penetration testing and manual security code reviews.
• Support development of value stream mapping, backlog management, and metrics for operational effectiveness and flow.
• Utilize tools such as Jira, Azure DevOps, and ServiceNow to enable automated pipelines, tracking, and synchronization of development and security workflows.
• Ensure alignment with DoD enterprise Agile guidance and modernization initiatives.
• Collaborate with the team to tailor DevSecOps frameworks to government-specific security, policy, and operational environments.
• Automate deployment processes to enhance the release management lifecycle.
• Resolve validation and deployment errors promptly.
• Work productively within an agile, sprint-based environment, adhering to all applicable reporting levels to the project manager.
• Promote the use of modern, cloud native development tools aligned with the Government’s enterprise cloud and digital initiatives.

Skills

Certifications

Degrees

Languages

Travel

Industry

Security clearance

Relocation