DevSecOps Engineer

Role Overview

Detroit Defense is seeking a Dev Sec Ops  Engineer with primary strength in Application Security for Linux operating environments. The Dev Sec Ops  Engineer will analyze C/C++ development environments, system architectures, and safety‑critical security risks to define and implement security controls, realized through Dev Sec Ops  pipelines, for embedded applications running in Linux environments. This includes integrating source code repositories, build systems, security analysis tools, issue management systems, and developer environments.

• Analyze application architectures, deployment topologies, and trust boundaries to identify threats and define appropriate security controls across the development lifecycle
• Develop and apply threat models to identify vulnerabilities and drive the selection of security controls in code, pipelines, and runtime environments
• Interact with software developers to guide secure development, perform code reviews, and provide actionable, risk‑based recommendations
• Design, implement, and maintain CI/CD pipelines that enforce and validate security controls (e.g., SAST, SCA, build integrity, artifact security) for C/C++ applications targeting Linux hosts
• Build C/C++ applications using standard Linux tool chains (e.g., gcc/g++, make, cmake) and resolve compilation and dependency issues
• Manage and securely handle pipeline artifacts, dependencies, and environment variables, ensuring sensitive information is not exposed in code or logs

• A bachelor’s degree from an accredited college or university in computer science, engineering, or an applicable field of study
• Minimum of three years in Application Security or software development role
• Ability to obtain and maintain a Common Access Card (CAC) and a US Government Security Clearance
• Skilled in Agile, Dev Ops, and modern delivery practices
• Strong Linux expertise, including system internals and security topics such as permissions, process isolation, secure execution (non‑root services), file handling, and common vulnerability classes
• Strong analytical and problem‑solving skills with an attacker mindset, able to anticipate and simulate real‑world attacks and identify vulnerabilities beyond automated scanning
• Experience interpreting and applying security frameworks (e.g., STIGs, FIPS 140‑x, NIST 800‑53) to derive system‑specific security controls and implement them within development pipelines and deployed environments
• Evaluate application and system designs to identify security gaps and recommend architectural improvements beyond pipeline‑based controls
• Evaluate trade‑offs between security, performance, and operational constraints in safety‑critical or resource‑constrained environments
• Hands‑on experience with Git Lab CI/CD pipelines, including writing and debugging .gitlab-ci.yml configurations
• Familiar with Coverity, Black Duck, or similar SAST/SCA tools and capable of interpreting and acting on scan results
• Experience building C/C++ applications in Linux environments using gcc, make, or cmake
• Familiar with secure handling of secrets and credentials within CI/CD pipelines

• Medical, Dental & Vision Benefits
• Company‑Paid Life and AD&D
• Company‑Paid Short‑Term and Long‑Term Disability
• Flexible Spending & HSA Accounts
• Legal & d Services
• 401(k) with Company Match
• Paid holidays
• Paid Time Off (PTO)

Detroit Defense is an Equal Opportunity/Affirmative Action employer. All qualified applicants will be considered without regard to race, color, religion, national origin, sex (including gender identity or gender expression), age, mental or physical disability, creed, ancestry, citizenship, veteran status, marital status, sexual orientation, medical condition, genetic trait or any other characteristic protected by federal, state or local law.