DevSecOps Engineer (TS/SCI-- Gaithersburg, MD)

DevSecOps Engineer

Primary Responsibilities:

• CI/CD Pipelines:Design, implement, and maintain secure CI/CD pipelines supporting microservices and container-based deployments.
• Containerization & Orchestration:Support containerized environments using Docker and orchestration platforms such as Kubernetes or OpenShift.
• Infrastructure as Code (IaC):Manage and monitor infrastructure using tools such as Terraform or CloudFormation.
• Cloud Infrastructure:Support secure provisioning, configuration, and monitoring of cloud environments (e.g., AWS, Azure).
• Shift-Left Security:Integrate security tools and best practices into development workflows, including static and dynamic code analysis.
• Environment Hardening:Collaborate with engineering and security teams to harden environments and secure cloud-native architectures.
• Troubleshooting & Support:Diagnose and resolve issues related to builds, deployments, and system performance.
• Compliance Support:Conduct vulnerability assessments and assist in compliance activities aligned with RMF, STIGs, or related security frameworks.
• Documentation & Process Improvement:Document configurations and contribute to continuous improvement of DevSecOps processes and tooling.

Basic Qualifications:

• US citizenship is required per contract.
• Bachelor’s degree in Computer Science, Engineering, or related discipline with 4–8 years of relevant experience; or Master’s degree with 2–6 years of relevant experience.
• CI/CD Tools:Hands-on experience with tools such as Jenkins, GitLab CI, GitHub Actions, or similar platforms.
• Scripting & Automation:Proficiency in scripting languages such as Python, Bash, or PowerShell.
• Infrastructure as Code:Experience using Terraform, CloudFormation, or similar tools.
• Cloud Platforms:Experience working within AWS, Azure, or similar cloud environments.
• Containerization:Experience with Docker.
• Orchestration:Experience with Kubernetes, OpenShift, or similar platforms.
• Secure Engineering Practices:Working knowledge of secure coding practices, vulnerability management, and code scanning tools.

Preferred Qualifications:

• Knowledge of Zero Trust Architecture principles.
• Industry certifications such as AWS Certified DevOps Engineer, CKA, Security+, or GIAC certifications.