DevSecOps Engineer

This is a fully remote position, open to applicants in Virginia.

📋 Description

• Design, implement, and sustain CI/CD pipelines that facilitate build, test, and deployment automation across all environments.

• Develop and oversee containerized application deployments utilizing Docker and Kubernetes in the AWS GovCloud environment.

• Apply Infrastructure as Code (IaC) principles with Terraform or CloudFormation to automate the provisioning and configuration management processes.

• Integrate automated security scans and compliance evaluations that align with the DoD Risk Management Framework (RMF) and DISA STIG standards.

• Support continuous monitoring and logging using AWS CloudWatch, GuardDuty, and various third-party vulnerability management tools (e.g., Nessus, ACAS).

• Collaborate with development and cybersecurity teams to ensure adherence to secure coding practices and the principles of Zero Trust architecture.

• Create and maintain DevSecOps plans, playbooks, and standard operating procedures that detail secure build and deployment methodologies.

• Lead efforts in performance optimization, scalability strategies, and proactive incident response for CI/CD infrastructure.

• Manage code repositories in AWS CodeCommit, ensuring secure branching, versioning, and release management practices.

• Work in conjunction with system administrators to enhance network, storage, and compute resources that support the CI/CD pipeline.

• Engage in Agile ceremonies to plan, execute, and assess DevSecOps sprint outcomes.

• Assist in system authorization tasks, including documentation for ATO compliance in accordance with DoDI 8510.01 (RMF).

⛳️ Requirements

• In-depth knowledge of CI/CD tools such as Jenkins, GitLab CI, or AWS CodePipeline.

• Expertise in containerization and orchestration technologies (Docker, Kubernetes, Helm).

• Experience utilizing IaC tools like Terraform or AWS CloudFormation.

• Familiarity with Zero Trust principles, RMF, and DISA STIG compliance requirements.

• Practical experience with monitoring and alerting tools (CloudWatch, ELK Stack, Prometheus).

• Proficiency in scripting languages such as Python, Bash, or PowerShell.

• Experience integrating static code analysis, dependency scanning, and vulnerability management into CI/CD pipelines.

• Strong teamwork and collaboration abilities across diverse teams.

• Capability to balance performance, scalability, and security in automated deployment processes.

• Exceptional troubleshooting, problem-solving, and analytical skills.

• Strong communication skills for engaging both technical and executive audiences.

• Preferred certifications include: AWS Certified DevOps Engineer – Professional, CompTIA Security+ CE (DoD 8570), Certified Kubernetes Administrator (CKA), or Docker Certified Associate (DCA).

🏝️ Benefits

• Health insurance

• 401(k) matching

• Flexible work hours

• Paid time off

• Remote work options