DevSecOps Engineer

About

The DevSecOps Engineer will help design, develop, and implement solutions for one of our government customers.

U.S. citizenship is required for this role. In addition, the selected applicant must submit to a government background investigation and be favorably adjudicated before their first day.

This is a full-time, short-term position (September 2026). There is a remote possibility that this role may be extended past this date. This is primarily a remote position. However, the selected candidate may be required to be on site occasionally and therefore must live within commuting distance of Washington, D.C.

Responsibilities

• Design, implement, and maintain CI/CD pipelines in an AWS environment, leveraging tools like GitLab.
• Manage and deploy containerized applications using Kubernetes and Docker in an AWS environment.
• Configure and maintain AWS environments for various applications, including defining and applying baselines and security policies.
• Implement security best practices throughout the DevSecOps lifecycle, focusing on vulnerability management and secure configuration.
• Integrate SAST and DAST tools, such as Sonarqube and Invicti, into the CI/CD pipeline for analysis of code and container images.
• Ensure application security specifically for containers in the Kubernetes and AWS environments.
• Collaborate with development teams to resolve security vulnerabilities reported by tools like Tenable and track resolution progress.
• Automate deployment and configuration management tasks across development, test, and production environments, leveraging tools like Ansible.
• Implement and maintain monitoring and logging solutions (e.g. Splunk or ELK Stack) to ensure system uptime, performance, and application health.
• Support platform operations, including updates, patching, and system maintenance for the underlying AWS cloud infrastructure.
• Review and suggest improvements and changes to the current cloud architecture to aid in scaling cloud presence.

Required Skills

• Five (5) plus years of experience in DevSecOps engineering, with at least 3+ years managing and maintaining AWS ecosystems.
• Expertise in managing and deploying containerized applications using Kubernetes and Docker.
• Proficiency with AWS cloud security, including configuring baselines and security policies to create a Zero Trust Architecture for tools such as encrypted S3 buckets, IAM role, and service/network logging.
• Proficiency in designing, implementing, and maintaining CI/CD pipelines using tools such as GitLab, and utilizing tools, such as Terraform or Cloud Formation, to implement an Infrastructure as Code methodology.
• Hands-on experience with security scanning and analysis tools, including SAST/DAST (e.g., Sonarqube, Invicti) and vulnerability management (e.g., Tenable);
• Ability to work in an agile or iterative development environment.
• Experience authoring and debugging Dockerfiles for web applications, preferably for Docker images using Java or Angular.
• Experience standing up and managing an AWS/Gitlab architecture, preferably in a non-DOD federal government space.

Preferred Skills

• DevSecOps relevant certifications in Cloud platforms (AWS preferred).
• Experience ensuring application security for Java Spring Boot API containers.
• Practice working with regulatory, legal, or government data sets.

Education

• Bachelor's degree in Information Systems, Computer Engineering, Computer Science or a related discipline.

Benefits

Our B Corp mission is reflected in our benefits, including offerings like health care, 401K, parental leave, adoption assistance, financial planning services, student loan repayment assistance, and training budget. There's more, .

Salary Range

$140,000 - $160,000