DevOpsHunt
Jobs / Spry Methods, Inc

DevSecOps Engineer

Spry Methods, Inc · Washington, DC, United States
Washington, DC, United StatesExp: 5+ yrsHybrid
Remuneration
Not specified
Location
Washington, DC, United States
Visa sponsorship
Not specified

Job summary

The DevSecOps Engineer supports infrastructure automation, configuration management, continuous integration and continuous delivery (CI/CD) workflows, containerized delivery, and secure software delivery practices in a hybrid cloud environment. This role extends and matures existing engineering capabilities.

Qualifications

  • Five years of experience in DevSecOps, infrastructure automation, or continuous integration and continuous delivery (CI/CD) pipeline engineering.
  • Hands-on experience with Terraform and OpenTofu, including modules, remote state, and workspace management.
  • Proficiency with Ansible, including playbooks, roles, inventories, and secrets handling.
  • Demonstrated experience designing and maintaining GitHub Actions workflows.
  • Working knowledge of Docker, Kubernetes, Helm, and container security scanning tools.
  • Familiarity with SAST tools, secrets scanning, policy-as-code frameworks, and Git-based workflows.
  • Ability to meet federal screening and suitability requirements prior to start.
  • Experience in regulated or federal environments.
  • Familiarity with NIST Special Publication 800-53, FISMA, and FedRAMP compliance requirements.
  • Amazon Web Services (AWS) cloud platform experience.
  • Experience with secrets management tools such as HashiCorp Vault.
  • Experience with Python and Bash scripting.

Responsibilities

  • Maintain, extend, and improve infrastructure-as-code repositories using Terraform and OpenTofu.
  • Develop and maintain configuration-as-code assets using Ansible.
  • Build, maintain, and improve GitHub Actions workflows for build, test, scanning, and deployment automation.
  • Support containerized delivery using Docker and Kubernetes, including manifests, Helm charts, role-based access control (RBAC), and image hardening and scanning.
  • Integrate security practices into delivery pipelines, including static application security testing (SAST), secrets scanning, policy-as-code, and compliance hardening.
  • Participate in stand-ups, sprint planning, technical reviews, peer reviews, and documentation updates.

Skills

AnsibleAWSBashDockerGitGitHubGitHub ActionsHelmKubernetesOpenTofuPythonTerraformVault

Relocation

No
Apply Now