Sr. Cybersecurity / DevSecOps Engineer

• The Sr. Cybersecurity / DevSecOps Engineer provides cybersecurity engineering and DevSecOps support ensuring TADSS software, systems, and integrated capabilities are designed, developed, tested, deployed, and sustained with security embedded throughout the lifecycle. The individual supports secure, resilient, and compliant delivery of training systems across development, integration, and operational environments.
• Responsibilities include integrating cybersecurity requirements and controls into system architectures and DevSecOps pipelines; supporting secure software development practices; and implementing automation to enable continuous integration, testing, security scanning, and deployment of TADSS capabilities. The Sr. Cybersecurity / DevSecOps Engineer collaborates with systems engineers, software engineers, test engineers, and acquisition personnel to ensure cybersecurity considerations are incorporated into TADSS design, integration, and modernization efforts.
• Additional duties include supporting Risk Management Framework (RMF) activities; assisting with system categorization, control implementation, assessment, and authorization artifacts; supporting vulnerability scanning, remediation, and continuous monitoring; and implementing identity, credential, and access management (ICAM) controls. The role supports cybersecurity documentation, security test results, and compliance evidence and assists with security validation during integration, testing, and Government Acceptance Testing (GAT).
• The Sr. Cybersecurity / DevSecOps Engineer provides technical recommendations to improve system security, automation, and resilience and supports continuous improvement of secure DevSecOps practices across portfolios.

• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Engineering, or a related technical discipline
• Minimum of 10 years of experience supporting cybersecurity engineering, DevSecOps, or secure system development within a DoD or Federal environment
• Demonstrated experience with:

• Secure software development and DevSecOps pipelines
• CI/CD automation and tooling
• RMF or similar cybersecurity compliance frameworks
• Vulnerability scanning and remediation
• Security monitoring and incident response support
• Collaboration across engineering, test, and acquisition teams

• Experience supporting Army training systems
• Familiarity with:

• TADSS architectures and software-intensive training systems
• DevSecOps tools (e.g., Git-based repositories, CI/CD platforms, container security)
• NIST SP 800-series publications and RMF tools

• Certifications such as:

• Security+, CISSP, CISM, or similar
• Cloud security or DevSecOps certifications

• Active Secret clearance is required

This is a full-time position paying a base salary, full benefits, and has possible bonus potential based on merit and performance. To be considered for this position, please apply online with a resume.

Optimal Solutions & Technologies (OST, Inc.) is focused on excellence. We specialize in providing Management Consulting, Information Technology, and Research Development and Engineering services. The fundamental distinction of the OST team is its business knowledge in both the public and private sectors. We serve the aerospace & transportation, association & nonprofit, defense, education, energy, financial, healthcare, and technology & telecommunications industries. OST is successful because we listen to our clients, we learn from our clients, and we know our clients.