DevSecOps Engineer

Description

We are seeking a talented and motivated Dev Sec Ops  Engineer with expertise in designing, implementing, and optimizing secure, scalable CI/CD pipelines in highly regulated and secure environments. The ideal candidate will play a critical role in ensuring secure software delivery while adhering to compliance requirements, such as operating within Impact Level 6 (IL6) closed environments. This role requires hands‑on experience with modern Dev Sec Ops  tools, platforms, and methodologies, including Git Lab, Kubernetes, image scanning, static analysis tools, and software signing tools like Cosign.

The Dev Sec Ops  Engineer will collaborate with cross‑functional teams, including developers, system administrators, and cybersecurity professionals, to deploy secure and resilient infrastructure, applications, and pipelines.

• Deploy and maintain secure CI/CD pipelines that support the full software development lifecycle using tools like Git Lab, Terraform, Helm, or Ansible.
• Deploy and maintain multi‑stage CI/CD pipelines (e.g., build, test, scan, release, deploy) for efficient, secure delivery of applications.
• Build and manage Kubernetes clusters in development, testing, and production environments.
• Ensure security best practices, including Role‑Based Access Control (RBAC), namespace isolation, and secure ingress/egress traffic configurations.
• Deploy tools and processes to enable rapid provisioning and repeatability while maintaining compliance with cyber and operational standards.
• Work within a secure, air‑gapped IL6 environment and implement robust processes to ensure compliance with DoD or other regulatory frameworks.
• Design solutions to securely handle sensitive data, binaries, and infrastructure in disconnected networks.
• Integrate Dev Sec Ops  tools such as image scanners, static code analysis tools, Cosign for software signing, and vulnerability management frameworks into the pipeline.
• Manage, configure, and maintain Windows Server (Active Directory, Group Policy, DNS, DHCP).
• Implement and ensure the security and availability of Windows and Linux systems, including patch management, vulnerability assessments, and compliance with organizational policies.
• Automate recurring tasks using scripting tools like Power Shell, Python, or Bash to improve operational efficiency.
• Troubleshoot issues within Windows (file systems, network connectivity, performance, and authentication).
• Plan and execute upgrades, migrations, and installations for both Windows and Linux systems.
• Collaborate with cross‑functional teams to ensure systems integration and operational effectiveness.
• Develop and deliver technical documentation, including CI/CD pipeline configurations, workflow processes, and build instructions.

Required Skills and Qualifications:

• Must have a BS Degree with six years of experience.
• Security+ Certification.
• Must hold an active Secret Clearance.

• Proficiency with Git Lab CI/CD and Git-based workflows to version control and orchestrate pipelines.
• Strong hands‑on experience with Kubernetes, container technologies (e.g., Docker), and managing workloads within those platforms.
• Comprehensive understanding of CI/CD pipeline stages (e.g., build, test, security scan, deployment) and best practices for automation.
• Knowledge and experience working in secure environments, specifically Impact Level 6 (IL6) or similarly controlled environments, with a strong understanding of DoD or equivalent compliance frameworks.
• Proficiency in tools for security automation:
  • Image Scanning Tools (e.g., Anchore).
  • Static Code Analysis Tools (e.g., Sonar Qube).
  • Software Signing Tools (e.g., Cosign) for image and binary integrity verification.
• Hands‑on experience with container hardening and vulnerability remediation.
• Strong scripting and automation skills for automating configuration, build, and deployment processes.
• Proficiency with Infrastructure as Code (IaC) tools like Terraform, Helm, or Ansible for provisioning and managing secure environments.

• Ability to effectively communicate complex technical concepts to developers, security teams, and stakeholders.
• Proven experience collaborating in multidisciplinary teams within Agile or Dev Sec Ops  methodologies.

Target salary range: $80,001 - $120,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.