Cyber Security Engineer / DevSecOps Engineer

This is a fully remote position, open to applicants in United States.

📋 Description

• Assist in the design, execution, and upkeep of secure technological solutions for the federal government.

• Create, implement, and sustain security controls in both cloud and on-premises settings.

• Perform security evaluations, vulnerability assessments, and risk analyses for applications, infrastructure, and systems.

• Facilitate ongoing monitoring activities, which include analyzing security events and responding to incidents.

• Develop and manage security documentation, including System Security Plans (SSPs), security protocols, and risk evaluations.

• Aid in Authorization to Operate (ATO) processes and the ongoing adherence to compliance requirements.

• Design, implement, and support secure CI/CD pipelines for application development and infrastructure deployments.

• Incorporate automated security testing into the software development lifecycle.

• Create Infrastructure as Code (IaC) solutions using tools like Terraform, CloudFormation, or Ansible.

• Automate security controls, compliance inspections, and deployment workflows.

• Assist with Kubernetes, Docker, and cloud-native application deployments.

• Evaluate security findings and propose remediation strategies.

• Support vulnerability management processes, including tracking, prioritization, and verification of remediation efforts.

• Engage in security audits and evaluations conducted by both internal and external parties.

• Monitor emerging threats and suggest enhancements to security posture.

⛳️ Requirements

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Engineering, or a related discipline.

• Over 5 years of experience in cybersecurity, DevSecOps, cloud security, or similar fields.

• Experience working on federal government contracts and within federal information systems.

• Practical experience with cloud platforms such as AWS, Azure, or Google Cloud Platform.

• Proficient in building and maintaining CI/CD pipelines using tools like GitHub Actions, GitLab CI, Jenkins, or Azure DevOps.

• Familiarity with container technologies, including Docker and Kubernetes.

• Knowledge of Infrastructure as Code (IaC) tools such as Terraform, CloudFormation, or Ansible.

• Experience implementing automated security testing in development pipelines.

• Understanding of secure software development practices and DevSecOps methodologies.

• Strong expertise in vulnerability management, security monitoring, and incident response.

• Experience supporting compliance initiatives under NIST, FISMA, and FedRAMP standards.

🏝️ Benefits

• Company-subsidized health, dental, and vision insurance.

• Flexible paid time off (PTO).

• 401K plan with employer matching.

• Paid parental leave after one year of employment.

• Employee Assistance Program.