DevSecOps Engineer

Your growth matters to us - explore our career development opportunities.

Connect with others in our people-first culture and enhance our collective ingenuity.

Learn how we’ll support you as you pursue a balanced, fulfilling life.

Discover what to expect during your journey as a candidate with us.

Today’s dynamic technology landscape demands constant and rapid innovation. To facilitate this transformation, we must ensure continuous integration and application development. That’s why we need an experienced Dev Ops engineer who’s eager to design, test, and program critical applications for our clients who need them most.

This is an opportunity to broaden your experience in software engineering while helping to develop software that will transform workflows and make a real impact. We invest in technology—and in you—providing continuing education resources, tuition assistance, and tech development programs to keep your skills sharp at the leading edge of tech.

• Integrate and enhance security into our software delivery pipelines using Dev Sec Ops  practices.
• Serve as a technical expert, using secure development practices and delivering continuous improvement across our CI/CD ecosystem.
• Evolve and secure CI/CD pipelines by integrating automated security tools such as SAST, DAST, SCA, and container scanning to meet DoD requirements and reduce operational risk.
• Refine vulnerability detection thresholds, tune scanners, reduce false positives, and optimize remediation workflows.
• Harden Infrastructure-as-Code templates, enforce policy‑as‑code, conduct risk assessments, and contribute to system security plans and continuous authority‑to‑operate efforts.
• Collaborate with development, operations, and security teams to support secure software delivery.
• Monitor pipeline activity for anomalies and assist in responding to security incidents.
• Champion Zero‑Trust principles and drive adoption of secure‑by‑design methodologies across the software development lifecycle.

• 5+ years of experience in cybersecurity engineering and Dev Sec Ops  in federal or defense environments employing IaC/CaC, CI/CD, and SSDLC concepts.
• 3+ years of experience in scripting, including Python or Bash, and automation frameworks.
• 2+ years of experience implementing cybersecurity solutions in AWS cloud and container orchestration, including Kubernetes.
• Knowledge of best‑practice cybersecurity and threat‑based frameworks, including AI/ML security best practices.
• Knowledge of NIST SP 800‑53 controls, RMF compliance, eMASS, STIG Manager, STIG Viewer, and SCAP tools.
• Knowledge of Agile and Change Management methodologies.
• Security+ Certification.
• Bachelor’s degree in Cybersecurity or Computer Science.
• Top Secret clearance (required).

• 3+ years of experience reviewing code samples and applying whitelisting or exemption processes.
• Experience developing Zero‑Trust security solutions for Dev Sec Ops  pipelines.
• Experience evaluating security tools and assessing fit for inclusion in development or operational environments.
• Excellent verbal, technical writing, and documentation skills.
• TS/SCI clearance.
• Master’s degree in an IT or Cybersecurity field.
• AWS Solutions Architect, AWS Security, or CISSP Certification.

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information. Top Secret clearance is required.

Salary ranges from $77,600.00 to $ (annualized USD). Benefits include health, life, disability, financial, and retirement options, paid leave, professional development, tuition assistance, and work‑life programs.

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran, or any other status protected by applicable federal, state, local, or international law.

• Remote:
  Remote work may require occasional onsite duty at a Booz Allen or customer facility.
• Hybrid:
  Employees will be expected to work from a Booz Allen facility frequently, with occasional customer visits.
• Onsite:
  Work will primarily be performed at a Booz Allen office or customer facility.