DevSecOps Engineer

Role

Dev Ops Security Engineer (US Citizen)

Ogden, Utah – 100% Onsite. No remote.

US Citizens Only. Active Clearance required.

• Design and implement security controls within CI/CD pipelines to ensure secure software delivery.
• Integrate automated security testing tools such as SAST, DAST, SCA, and container scanning.
• Embed security checks into build and deployment processes to identify vulnerabilities early in the SDLC.
• Work with Dev Ops teams to secure cloud infrastructure, containers, and Kubernetes environments.
• Implement Infrastructure-as-Code security scanning and policy enforcement.
• Develop automation scripts and integrations to support security workflows.
• Maintain and enhance CI/CD platforms and pipeline security tooling.
• Integrate vulnerability management tools with development workflows.
• Partner with developers and QA teams to promote secure coding practices.
• Assist engineering teams in remediating vulnerabilities identified during testing and scanning.
• Collaborate with internal and customer security teams to implement organizational security standards.
• Support security compliance requirements such as SOC2, FedRAMP, or DoD security standards where applicable.
• Assist with security audits and vulnerability remediation tracking.
• Help maintain documentation of Dev Sec Ops  processes and controls.

• 3–6 years of experience in Dev Ops, Dev Sec Ops , or security engineering.
• Experience building and maintaining CI/CD pipelines (Git Hub Actions, Jenkins, Git Lab CI, or similar).
• Familiarity with cloud platforms such as AWS, Azure, or GCP.
• Experience with container technologies (Docker, Kubernetes).
• Understanding of secure software development lifecycle (SSDLC) practices.
• Experience integrating security tools such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and container vulnerability scanning.
• Scripting experience (Python, Bash, or similar).
• Familiarity with Infrastructure as Code tools (Ansible, Terraform, Cloud Formation, etc.).

• Experience implementing Dev Sec Ops  practices in enterprise software environments.
• Knowledge of container and Kubernetes security best practices.
• Experience with secrets management solutions (Vault, AWS Secrets Manager, Azure Key Vault).
• Familiarity with security frameworks such as NIST, CIS Benchmarks, OWASP Top 10.
• Experience supporting government or regulated environments (FedRAMP, DoD Impact Levels, etc.).
• Security certifications such as Security+, CISSP (associate level), Certified Kubernetes Security Specialist (CKS).

• Dev Sec Ops  and secure SDLC
• CI/CD automation
• Cloud security
• Container and Kubernetes security
• Vulnerability management
• Infrastructure as Code
• Security tooling integration

• Well versed in working with diverse stakeholders – business analysts, solution architects, technical managers, developers, QA, customer IT.
• Excellent communication (verbal and written) and interpersonal skills.
• Ability to work while embedded in customers’ teams remotely.
• High degree of initiative and ownership to take a task and own it from inception to completion.

The salary range information provided reflects the anticipated base salary range for this position based on current national data. Minimums and maximums may vary based on location. Individual salary will be commensurate with skills, experience, certifications or licenses and other relevant factors. In addition, this role will be eligible to participate in either the annual performance bonus or commission program.

Benefits include comprehensive medical, dental, and vision coverage; 401K with matching; flexible time off; corporate fitness program; and a variety of voluntary benefits such as legal, accident and hospital indemnity, pet insurance, and more.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.