DevSecOps Engineer

This is a fully remote position, open to applicants in United States.

📋 Description

• Sustain, enhance, and optimize Terraform and OpenTofu codebases for the provisioning and management of hybrid cloud infrastructure; oversee state files and remote backends within established change control protocols.

• Create and uphold Ansible playbooks and roles to automate system configuration, enforce compliance, manage patches, and deploy applications.

• Develop, maintain, and refine GitHub Actions workflows that incorporate security gates, including SAST, dependency scanning, secrets detection, and policy-as-code validation.

• Facilitate containerized application delivery using Docker for image creation and Kubernetes for orchestration; manage Dockerfiles, Kubernetes manifests, Helm charts, and RBAC configurations.

• Embed security practices throughout the software delivery lifecycle, adhering to CIS benchmarks and supporting NIST SP 800-53 and FISMA compliance standards.

• Engage in stand-ups, sprint planning, and peer code reviews; maintain comprehensive records of all changes to shared codebases and pipelines.

⛳️ Requirements

• Bachelor’s degree in Information Technology or a related discipline preferred.

• Formal educational prerequisites may be waived with 4 years of pertinent professional experience.

• Practical experience with Terraform and/or OpenTofu, including module development, remote state management, and workspace handling.

• Expertise in Ansible, encompassing playbook and role creation, dynamic inventories, and Ansible Vault for secrets management.

• Proven experience in designing and maintaining GitHub Actions workflows, including reusable workflows and security gate integration.

• Familiarity with Docker image creation and hardening, management of Kubernetes manifests and Helm charts, and container security scanning.

• Knowledge of SAST tools (Semgrep, Checkov, tfsec), secrets scanning (Gitleaks, Detect-Secrets), and policy-as-code frameworks (OPA/Rego).

• Proficient in Git-based workflows, including branching strategies, pull request reviews, and enforcement of protected branches.

• Background in a federal or highly regulated environment.

• Awareness of NIST SP 800-53, FISMA, and FedRAMP compliance standards.

• Experience with cloud platforms (AWS).

• Familiarity with secrets management solutions such as HashiCorp Vault.

• Scripting skills in Python and Bash.

🏝️ Benefits

• Convenience/Concierge – Virtual health consultations, commuter benefits, pet insurance, and entertainment discounts that enhance life.

• Development – Annual performance evaluations, tuition assistance, and internal career advancement opportunities to help you excel.

• Financial – Generous 401(k) matching, life and disability insurance, along with financial wellness resources to secure your future.

• Recognition – Annual awards, service anniversaries, referral bonuses, and peer-to-peer acknowledgments that celebrate your accomplishments.

• Wellness – Health insurance coverage, wellness initiatives, flu vaccinations, and biometric screenings to promote your well-being.