DevSecOps Engineer-Experienced

About Pratt Miller, an Oshkosh company

Pratt Miller is a product development company in motorsports, defense, and mobility industries providing clients with product engineering and low-volume production solutions. Our range of research & development, engineering, prototype manufacturing, test & validation, and low-rate production capability help our customers bring their high-quality products to market faster.

The Dev Sec Ops  Engineer is responsible for implementing secure development pipelines, automation frameworks, and compliant infrastructure to support defense programs operating under CMMC Level 2 and NIST 800-171/172 requirements. This role integrates security controls into cloud and on-prem environments, supports continuous monitoring and vulnerability management, and ensures systems hosting Controlled Unclassified Information (CUI) meet mission‑critical performance and cybersecurity standards. This is a hands‑on position that will work closely with software, IT, and security teams to deliver resilient, secure, and auditable solutions across defense projects.

Typical responsibilities include, but are not limited to:

• Responsible for the design, implementation, and maintenance of secure Dev Sec Ops  infrastructure and delivery pipelines to support defense programs under CMMC Level 2 compliance.
• Implement security controls and automation within CI/CD pipelines using Git Lab and related Dev Sec Ops  tooling.
• Ensure adherence to secure coding practices, compliance with NIST SP 800-171/172, and CMMC Level 2 cybersecurity standards across software development and infrastructure management.
• Collaborate with defense software and cybersecurity teams to integrate automated testing, vulnerability management, and secure deployment strategies into cloud and on‑prem environments.
• Assist in identifying technologies and tools that enhance security posture, automation, and compliance monitoring capabilities.

• Maintain a customer‑focused view of system security and Dev Sec Ops  process effectiveness across defense project initiatives.
• Participate in technical and compliance reviews with customers and stakeholders to ensure systems meet mission‑critical availability, reliability, and security requirements.

• Research and implement new technologies, security tools, and methodologies to enhance automation, compliance, and system resilience.
• Stay informed on evolving DoD cybersecurity standards, cloud governance models, and zero‑trust architectures to ensure continuous compliance.

• Work across multidisciplinary engineering and IT teams, integrating security controls within development and operational environments.
• Collaborate with network, software, and security engineers to ensure end‑to‑end protection of systems hosting Controlled Unclassified Information (CUI).
• Participate in design and code reviews, infrastructure planning meetings, and post‑implementation security assessments.
• Work effectively with remote and hybrid teams using collaboration tools such as Matter Most and Git Lab.

• Demonstrate strong analytical thinking and problem‑solving skills with the ability to address complex infrastructure and cybersecurity challenges.
• Leverage automation and monitoring to proactively identify and resolve performance or compliance issues within Dev Sec Ops  pipelines.

• Strong documentation skills for configurations, compliance evidence, and SOPs.
• Ability to clearly explain complex security concepts to both technical and non‑technical audiences.
• Self‑starter with a security‑first mindset and the ability to manage multiple projects with minimal supervision.
• Collaborative and communicative, with consistent effectiveness working across disciplines.

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field; advanced degree preferred.
• Must meet the requirements for obtaining a U.S. Government clearance;
  active Secret or higher clearance preferred
  .
• Experience developing and maintaining secure CI/CD pipelines using Git Lab, Jenkins, or Azure Dev…