DevSecOps Security Integration Lead (Alexandria, VA or Seaside, CA)

DevSecOps Security Integration Lead (Alexandria, VA or Seaside, CA) Lakewood, CO Job Details $115,000 - $145,000 a year 11 hours ago Qualifications Security Authorization DevSecOps Practices Stakeholder engagement Azure Bachelor's degree in information technology Computer Science Automation Ansible Infrastructure as Code (IaC) DevOps IT system monitoring GitHub Actions CISSP Secret Clearance CCSP 3 years Information security compliance Incident response Cloud security Bachelor's degree Azure DevOps proficiency NIST standards Terraform DoD 8570 Vulnerability scanning Vulnerability management Senior level Bachelor's degree in cybersecurity CompTIA Security+ RMF Bachelor's degree in computer science Jenkins GitLab Communication skills Security Testing Stakeholder relationship building Stakeholder management Information Technology IT security monitoring AWS CloudFormation Full Job Description Must have an active Secret Clearance to be considered Must be within 1 hour of Alexandria, VA or Seaside, CA Company Information NexGen Technologies, Inc. is a leading IT services firm specializing in delivering innovative, high‑quality solutions to our federal government clients. Our core competencies include IT professional support services, software development, cloud services, IT Operations, Agile project management, and GIS services. Job Summary The DevSecOps Security Integration Lead serves as the primary technical and compliance integrator responsible for embedding RMF-aligned security controls, automated compliance checks, and continuous monitoring capabilities into CI/CD pipelines. This role drives the transition from traditional ATO processes to continuous ATO (cATO) by designing automated workflows, implementing real-time security validation, and ensuring DevSecOps teams operate in full alignment with DoD cybersecurity requirements. The position is critical to advancing automation maturity, strengthening security posture, and enabling rapid, compliant delivery across development and deployment environments. Supervisory Responsibilities There are no supervisory responsibilities. Essential Duties and Responsibilities (as assigned) Integrates CI/CD pipelines into RMF processes, enabling automated compliance validation, implementation of security controls, and real-time security scans for continuous ATO. Critical for supporting automation and security integration under RMF compliance workflows. Leads the integration of RMF compliance into DevSecOps pipelines to support automated compliance validations and facilitate cATO workflows. Designs CI/CD workflows that include automated security scans, continuous monitoring activities, and vulnerability remediations integrated into development cycles. Aligns DevSecOps team efforts with RMF compliance objectives, embedding security controls into testing and deployment pipelines. Develops playbooks or processes for transitioning from traditional ATO to cATO, helping teams operationalize real-time compliance checks. Proposes tools and techniques to enhance automation maturity for security controls, risk assessments, and compliance validation. Other duties as assigned. Technical Skills Experience integrating security controls and RMF requirements into DevSecOps pipelines. Strong understanding of DoD

RMF, NIST SP 800

‑53 Rev. 4/5, DoDI 8500.01, and continuous monitoring practices. Hands-on experience with CI/CD tools (e.g., GitLab CI, Jenkins, GitHub Actions, Azure DevOps). Experience with automated security scanning tools (SAST, DAST, SCA, container scanning, IaC scanning). Familiarity with SIEM, vulnerability management platforms, and continuous monitoring technologies. Desired Skills Experience supporting or implementing continuous ATO (cATO) frameworks. Knowledge of cloud security (AWS, Azure, DoD Cloud environments). Experience with infrastructure-as-code (Terraform, Ansible, CloudFormation). Security certifications such as CISSP, CCSP, Security+, or equivalent DoD 8570/8140 certifications. Education Bachelor's degree in Cybersecurity, IT, Computer Science, or related field. Additional Requirements Ability to collaborate with ISSMs, ISSOs, system owners, and engineering teams. Strong documentation, communication, and stakeholder engagement skills. Must be able to pass background screening prior to employment. US Citizenship, legal permanent residence, or US work authorization with a minimum of 3 years of US presence is required due to federal contract requirement. Active Secret clearance required; ability to obtain TS/SCI preferred. Place of Performance Minimum 25% on‑site at the Mark Center (Alexandria, VA) or DoD Center - Monterey Bay (Seaside, CA).

Work hours:

8 a.m. Eastern to 5 p.m. Pacific, Monday-Friday, excluding federal holidays or government closures. Incident response may require after‑hours support with one‑hour recall. Physical Requirements Reliable internet (50 Mbps down / 25 Mbps up) and a secure remote work environment. Reasonable accommodations will be provided as needed. ( We provide reasonable accommodations to individuals with disabilities to enable them to perform the essential functions.)

Compensation:

$115,000-$145,000/year (The successful candidate's starting pay will fall within the salary range provided and is determined based on job-related factors, including, but not limited to, experience, qualifications, knowledge, skills, geographic work location, and market conditions.) NexGen Technologies, Inc. is an equal opportunity employer. All qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, disability, genetic information, or veteran status. (

Last Revision:

2026‑03-12)