
Devops Security Engineer

Job in Gaithersburg, Montgomery County, Maryland, 20877, USA
Listing for: Knox Systems
Full Time position
Listed on 2026-06-13
Job specializations:
  • IT/Tech
    Cybersecurity, Systems Engineer, Security Manager, Cloud Computing
Salary/Wage Range or Industry Benchmark: 110000 - 140000 USD Yearly
Job Description & How to Apply Below

Department: Operations

Location: Remote (U.S.), West Coast hours preferred

Reports To: Director of DevOps

Classification: Full-Time, Exempt

Estimated Compensation Range: $110K - $140K

US Citizenship Required. Dual Citizenship Prohibited. Must reside in the US.

About Knox

Knox runs the largest Federal managed cloud, building and operating secure cloud and AI environments that support the U.S. government’s most critical missions — from national security and public safety to essential public services. Our customers rely on Knox to deploy production systems that meet the highest standards for security, reliability, and compliance.

Work at Knox is high-impact and purpose-driven. The problems we solve are high-stakes, the expectations are high, and the results are visible. Speed, rigor, and trust matter here - because the environments we secure cannot fail. Your contributions are visible, your expertise is relied upon, and the impact of your work is immediate and measurable. We operate at federal scale, securing some of the most sensitive government environments in the country - because the systems we build must perform without fail.

Role Overview

The Devops Security Engineer is a hands-on DevSecOps role responsible for securing cloud-native, multi‑tenant environments operating under FedRAMP Moderate/High and NIST SP 800‑53 requirements. This role focuses on preventative security, automation, and continuous compliance, embedding security controls directly into infrastructure, CI/CD pipelines, and runtime operations. The engineer will operate CrowdStrike as a core CNAPP and DevSecOps control, alongside CSPM tooling, to prevent misconfigurations, reduce risk, and maintain continuous audit readiness while working directly with customers and internal engineering teams.

Job Responsibilities

Customer Onboarding & Communication

  • Serve as a security point of contact for external customers deploying into regulated cloud environments.
  • Support customer onboarding by validating application security posture and deployment readiness for FedRAMP environments.
  • Review customer security documentation, architectures, and deployment workflows against platform security requirements.
  • Communicate security requirements, changes, incident escalations, and compliance questions clearly to customers.

Federal Compliance & Governance (FedRAMP/NIST)

  • Implement and operate security controls required for FedRAMP Moderate/High, aligned to NIST SP 800‑53.
  • Support Continuous Monitoring (ConMon) activities, including vulnerability tracking, POA&M updates, and compliance reporting.
  • Maintain and validate FedRAMP security architecture artifacts, including network diagrams, data flow diagrams, trust boundaries, and control flows.
  • Validate deployed infrastructure and traffic patterns against approved FedRAMP architectures using flow logs and telemetry.

Security Tooling & Vendor Management

  • Operate CrowdStrike as part of the core CNAPP enforcement and DevSecOps control, including IOM/IOA analysis, vulnerability management (Spotlight), workload protection, and telemetry/log review for cloud workloads.
  • Integrate CrowdStrike CNAPP and detection signals into automated SOAR and CI/CD workflows to support preventative controls, response, and Continuous Monitoring (ConMon) for FedRAMP compliance.
  • Coordinate external penetration testing efforts, including scoping, access, findings review, and remediation tracking.
  • Use application security tools (e.g., Burp Suite) to support internal testing and remediation.

DevOps, Automation, & Preventative Security

  • Implement security and compliance gates in CI/CD pipelines to prevent non‑compliant infrastructure or code from reaching production.
  • Enforce policy‑as‑code guardrails for IAM, networking, logging, encryption, and endpoint protection using Terraform.
  • Ensure CrowdStrike coverage, logging, and monitoring are enforced as deployment prerequisites.
  • Prevent cloud exposure by enforcing network segmentation, approved ingress/egress paths, and least‑privilege access.
  • Detect and remediate configuration drift using CSPM and automated workflows.
  • Secure Kubernetes clusters and containerized workloads to approved security…