DevSecOps Engineer

Job Requirements Patrick AFB, FL Top Secret/SCI Polygraph not specified Mid Level Career (5+ yrs experience) $115,000

• $140,000

Job Description Position Title:

DevSecOps Engineer•

Cleared Software Engineering Environment Support Location:

Remote, with occasional travel to main offices and client sites as required

Clearance Level:

Active security clearance required

• Top Secret/Sensitive Compartmented Information

• TS/SCI Salary:

  $115k
• $140k pending qualifying factors Position Overview We are seeking a DevSecOps Engineer to join our engineering team and play a key role in securing our highly technical, cleared software environments.

The ideal candidate will have a strong background in implementing security-focused DevOps practices within classified or high-security environments, particularly those requiring stringent compliance and zero-trust methodologies. This role will involve building, deploying, and maintaining scalable, secure infrastructure to support our custom solutions and seismic monitoring software for government and nuclear sectors. Hot Initiatives or Likely Scenarios To Be Faced Lead efforts with Gitlab CI/CD integration in a secure environment Lead efforts to integrate existing software with onsite Oracle database Lead efforts on identifying and following STIG processes Lead efforts on analyzing security scans of delivered software and addressing security concerns. Participate as development team member for a senior level distributed team of Scientists and Software Engineers. Key Responsibilities

Secure DevOps Pipeline Development:

Design, implement, and maintain a secure CI/CD pipeline for classified applications, enforcing least privilege and zero-trust principles.

Security Automation and Integration:

Integrate security tools into the DevOps pipeline, including static and dynamic code analysis, dependency management, container security, and vulnerability scanning tools.

Cloud Infrastructure Management:

Securely configure and manage multi-cloud environments (AWS GovCloud, AWS Government, etc., with a strong emphasis on secure networking, access controls, and IAM policies.

Compliance and Auditing:

Ensure that all processes, pipelines, and infrastructure comply with industry standards (e.g., NIST 800-53, Fed

RAMP, DISA

STIGs), conducting regular security audits, vulnerability assessments, and penetration testing.

• Collaboration with

Engineering and Research Teams:

Work closely with nuclear physics and software teams to incorporate security measures from design through deployment, ensuring software and systems maintain high integrity in classified environments. The successful candidate will be a team player who can both help the development team and know when to ask for help from the development team. We are a small team and must work well together.

Documentation and Knowledge Transfer:

Create and maintain comprehensive security documentation, processes, and playbooks for continuous security improvements in DevSecOps workflows. Required Qualifications

Security and DevOps Expertise:

5+ years of experience in a DevSecOps or Security Engineering role with a focus on building secure CI/CD pipelines for high-security environments.

Clearance Requirement:

Active security clearance. TS/SCI

Technical Skills:

Containerization and Orchestration:

Proficient in Docker, Kubernetes, and Helm with a focus on secure container lifecycle management.

Cloud Security:

Advanced experience with AWS GovCloud, Azure Government, and hybrid cloud environments, including secure VPC setup, IAM, and identity federation.

Automation:

Proficient in scripting (Python, Bash) and infrastructure-as-code tools (e.g., Terraform, Ansible) for automated secure configuration management.

Security Tools:

Hands-on experience with tools such as Fortify, OWASP Dependency Scanner, OWASP ZAP, SonarQube, and GitLab CI/CD with security integrations.

Knowledge of Compliance Standards:

In-depth understanding of

NIST 800-53, NIST

800-171, FedRAMP, and DISA STIGs. Preferred Qualifications

Certifications:

Relevant certifications, such as

CISSP, AWS

Certified Security Specialty, or Certified DevSecOps Professional, are a plus.

Advanced Security Practices:

Experience with zero-trust architecture, secure data workflows, and compliance-driven automation in federal government or DoD environments. Core Professional Competencies

Analytical and Problem-Solving Skills:

Ability to work with complex scientific data and design security solutions that do not compromise operational efficiency.

Collaboration and Communication:

Exceptional interpersonal skills to work effectively with researchers, engineers, and clients within secure environments.

Adaptability:

Flexibility to work with evolving compliance requirements and diverse project demands.

group id:

ClearanceJobsSC N Name Hidden Lead Technical Recruiter Apply now