DevSecOps Engineer

Who We’re Looking For (Position Overview):

The DevSecOps Engineer supports infrastructure automation, configuration management, continuous integration and continuous delivery (CI/CD) workflows, containerized delivery, and secure software delivery practices in a hybrid cloud environment. This role is intended to extend and mature existing engineering capabilities rather than build a new operating model from scratch.   

What Your Day-To-Day Looks Like (Position Responsibilities):

• Maintain, extend, and improve infrastructure-as-code repositories using Terraform and OpenTofu. 

• Develop and maintain configuration-as-code assets using Ansible. 

• Build, maintain, and improve GitHub Actions workflows for build, test, scanning, and deployment automation. 

• Support containerized delivery using Docker and Kubernetes, including manifests, Helm charts, role-based access control (RBAC), and image hardening and scanning. 

• Integrate security practices into delivery pipelines, including static application security testing (SAST), secrets scanning, policy-as-code, and compliance hardening. 

• Participate in stand-ups, sprint planning, technical reviews, peer reviews, and documentation updates. 

What You Need to Succeed (Minimum Requirements):

• Five years of experience in DevSecOps, infrastructure automation, or continuous integration and continuous delivery (CI/CD) pipeline engineering. 

• Hands-on experience with Terraform and OpenTofu, including modules, remote state, and workspace management. 

• Proficiency with Ansible, including playbooks, roles, inventories, and secrets handling. 

• Demonstrated experience designing and maintaining GitHub Actions workflows. 

• Working knowledge of Docker, Kubernetes, Helm, and container security scanning tools. 

• Familiarity with SAST tools, secrets scanning, policy-as-code frameworks, and Git-based workflows. 

• Ability to meet federal screening and suitability requirements prior to start. 

Ideally, You Also Have (Preferred Qualifications):

• Experience in regulated or federal environments. 

• Familiarity with National Institute of Standards and Technology (NIST) Special Publication 800-53, the Federal Information Security Modernization Act (FISMA), and Federal Risk and Authorization Management Program (FedRAMP) compliance requirements. 

• Amazon Web Services (AWS) cloud platform experience. 

• Experience with secrets management tools such as HashiCorp Vault, plus Python and Bash scripting.