DevSecOps Engineer

About

(s with Active public trust are encouraged to apply for this position)

Primary Responsibilities

• Design, build, and maintain a Common Automation Platform supporting CI/CD, security, and infrastructure automation
• Develop reusable automation frameworks, templates, and pipelines for enterprise-wide adoption
• Integrate platform capabilities with internal and external systems via APIs, microservices, and event-driven architectures
• Embed security controls and DevSecOps best practices into platform services and workflows
• Implement infrastructure-as-code (IaC) to provision and manage scalable environments
• Enable self-service capabilities for development teams through automation and platform tooling
• Implement automated security testing including SAST, DAST, container, and dependency scanning
• Support containerized workloads using Docker and Kubernetes
• Apply AI/ML capabilities to enhance automation (e.g., intelligent pipeline optimization, anomaly detection, auto-remediation)
• Collaborate with engineering, security, and operations teams to drive platform adoption and standardization
• Monitor platform performance, reliability, and usage metrics, and continuously improve capabilities
• Ensure compliance with federal security standards and organizational policies

Basic Qualifications

• Bachelor's degree in Computer Science, Engineering, or related field and 4+ years of relevant experience (or equivalent combination of education and experience)
• Experience building or supporting shared platforms, developer platforms, or automation frameworks
• Experience with CI/CD tools such as Jenkins, GitLab CI, or GitHub Actions
• Experience with cloud platforms such as AWS
• Proficiency in scripting or programming languages such as Python or Bash
• Experience with containerization (Docker) and orchestration (Kubernetes)
• Experience with security tools and practices including vulnerability scanning, secrets management, and identity/access management
• Experience with IaC tools such as Terraform
• Familiarity with infrastructure-as-code and configuration management tools
• Strong problem-solving skills and ability to work in a collaborative team environment

Preferred Qualifications

• Experience designing or implementing internal developer platforms (IDP) or platform engineering concepts
• Experience applying AI/ML or intelligent automation within DevSecOps pipelines
• Familiarity with MLOps concepts and frameworks
• Knowledge of federal security frameworks such as NIST RMF, NIST 800-53, or CIS benchmarks
• Experience developing and integrating RESTful APIs and distributed systems
• Experience with observability and monitoring tools (e.g., Prometheus, Grafana, ELK stack)
• Experience with serverless and event-driven architectures
• Relevant certifications (e.g., AWS Certified DevOps Engineer, Certified Kubernetes Administrator, Security+)

Key Skills

• Platform engineering and automation mindset
• Systems integration and API development
• Cloud-native architecture
• Security-first engineering
• Analytical thinking and troubleshooting
• Strong written and verbal communication skills