DevSecOps Engineer

• Design, develop, and maintain CI/CD pipelines for a range of applications in compliance with USAF Platform One standards.
• Implement DevSecOps best practices, ensuring secure code, infrastructure, and environments through continuous integration, testing, and deployment.
• Utilize and integrate automation tools to enhance scalability, reduce manual interventions, and streamline processes.
• Develop Infrastructure-as-Code (IaC) and Configuration-as-Code (CaC) scripts using tools such as Terraform, Ansible, and Packer.
• Implement and manage containerized applications using Kubernetes, Docker, and Helm, including experience in hardening these environments.
• Conduct automated security testing and vulnerability scanning to ensure compliance with DoD and USAF security standards.
• Maintain and document security operations and maintenance activities, ensuring all configurations and procedures are up to date.
• Support the integration of secure software delivery pipelines, including development in air-gapped and controlled environments.
• Provide continuous monitoring and implement security measures across live environments, leveraging tools like Istio, Jenkins, GitLab, and other Platform One approved technologies.

• Must be a U.S. Citizen and currently residing in the United States.
• Must possess or be able to obtain a U.S. Government Secret or higher security clearance.
• If you hold a clearance will be verified during the interview
• One of the following certifications are required - CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND or SSCP.
• Bachelor's Degree in Computer Science, Engineering, or a related field, or 10 years of relevant experience in lieu of a degree.
• Minimum of 3 years of professional experience in a DevSecOps role, preferably supporting DoD or government agencies.
• Strong understanding of cloud-native architectures, microservices, and container orchestration platforms (Kubernetes, Docker, etc.).
• Experience with AWS, Azure, or Google Cloud Platform, and familiarity with auto-scaled cloud-based systems and serverless architectures.
• Experience in developing and maintaining CI/CD pipelines using Jenkins, GitLab, or similar tools.
• Proficiency in Infrastructure-as-Code (IaC) and Configuration-as-Code (CaC) using tools like Terraform, Ansible, and Packer.
• Advanced scripting skills in Bash, Python, or similar languages.
• Strong understanding of agile and DevSecOps methodologies and experience working in agile teams.
• Experience with security frameworks such as NIST RMF 800-53, and tools such as XACTA, EMASS.
• Familiarity with Platform One DevSecOps services, tools, and processes is highly preferred.

Desired Qualifications:

• Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP).
• Experience with DoD or government standards and policies.
• Close proximity to a military installation.
• Experience with MacOS and/or Linux and related toolsets.
• Ability to work independently and collaboratively within a cross-functional team.