Senior DevOps Engineer

Job summary

eSimplicity is seeking a Senior DevOps Engineer to design, implement, and maintain DevSecOps toolchains for a Salesforce-based platform, including CI/CD pipelines and AWS cloud infrastructure. The role involves automating operational tasks, integrating security gates, and supporting incident management within an Agile delivery team. This position requires a strong background in AWS, CI/CD, and security tools, with a focus on government agency partnerships.

Benefits

Qualifications

• Pass public trust clearance through the U.S. Federal Government.
• Be a U.S. citizen or pass clearance through the Foreign National Government System, requiring residence in the United States for at least 3 out of the previous 5 years, a valid non-expired passport from country of birth, and appropriate VISA/work permit documentation.
• Bachelor’s degree in computer science, engineering, or a related field.
• 8+ years of hands-on DevSecOps experience with AWS cloud architectures, CI/CD pipelines (GitHub Actions), log aggregation (Splunk), monitoring (New Relic), security tools (Snyk, Tenable Nessus, AWS Security Hub), and release management.
• Expert knowledge of AWS services (server and serverless), S3 access management, and application configuration.
• Strong experience with Ansible or Terraform, AWS CloudFormation, Python, Jenkins, Git, and security-scanning tools (Nessus, BurpSuite, OWASP ZAP, etc.).
• Hands-on experience implementing infrastructure-as-code across the full stack of development and data analytics environments.
• Experience with data organization, partitioning strategies, and data retention policies for cloud-based data pipelines.
• Strong investigative skills with the ability to perform root-cause analysis and impact analysis on proposed changes.
• Experience with Atlassian Jira and Confluence.
• Familiarity with Salesforce DevOps tooling, including Copado (Desired).
• Experience with Kubernetes, container orchestration, and service mesh tooling (Desired).
• Federal Government contracting work experience, particularly with CMS, MACBIS, or other HHS programs (Desired).
• Experience supporting FedRAMP Moderate ATO maintenance and CMS continuous monitoring requirements (Desired).

Responsibilities

• Design, implement, and maintain the DevSecOps toolchain for the Salesforce-based MESH platform and its integrations across AWS, Microsoft 365, T-MSIS, MBES/MacFin, and CMS DataConnect.
• Build and operate CI/CD pipelines using GitHub Actions and Copado to automate build, test, security scanning, deployment, and rollback for Salesforce and AWS-hosted components.
• Manage AWS cloud infrastructure using infrastructure-as-code (Terraform, AWS CloudFormation) and configuration management tools (Ansible), aligning with CMS Cloud governance and FedRAMP Moderate baselines.
• Implement observability across the platform using tools such as Splunk, AWS CloudWatch, New Relic, or Dynatrace; build dashboards and alerts for system health, latency, throughput, error rates, and capacity.
• Automate day-to-day operational tasks (provisioning, patching, configuration, user/access management) using Python, Bash, PowerShell, and AWS APIs to reduce toil and improve repeatability.
• Partner with the security team to integrate security gates (SAST, DAST, SCA, container scanning) into pipelines and remediate vulnerabilities within CMS-defined timeframes.
• Support incident, change, and problem management as part of an integrated Agile delivery team; contribute to root-cause analyses and preventive actions.
• Maintain hardened, monitored environments for development, testing, UAT, staging, and production with minimum-downtime deployment strategies and tested rollback procedures.
• Implement data backup, retention, and disaster-recovery solutions for Salesforce and AWS-hosted assets, validated through scheduled restoration tests.
• Manage user access, secrets, and certificates across CMS IDM/Okta, EUA, AWS IAM, GitHub, and Copado in accordance with least-privilege and zero-trust principles.
• Document architecture, runbooks, deployment procedures, and operational standards in CMS-approved tools (Confluence, Box, GitHub) and ensure transparency for CMS Product Owners.
• Coordinate with the CMS Cloud contractor to optimize cloud resource utilization, cost, and adherence to CMS Cloud governance processes.
• Mentor engineers on DevSecOps best practices, automation-first design, and continuous-improvement metrics tied to deployment frequency and reliability.

Skills

Certifications

Degrees

Work schedule

Travel

Security clearance

Relocation