CI/CD Infrastructure Software Engineer 3

At ULA, our mission success depends on a secure, reliable, and highperforming software development ecosystem. As a CI/CD Infrastructure Software Engineer specializing in AppSec and Operations, you will play a critical role in maintaining and advancing ULA's core CI/CD toolchain, including GitLab, Artifactory, XRay, and SonarQube. In this role, you will support tool uptime, execute security scanning workflows, troubleshoot pipeline and runner issues, and ensure that ULA's development environment meets rigorous audit, compliance, and reliability standards. You will partner across Software Engineering, Cybersecurity, and Cloud teams to strengthen secure coding practices and deliver stable, missionaligned development infrastructure that enables engineers to build with confidence., * Perform daytoday operations for CI/CD tools (Artifactory/XRay/SonarQube/GitLab) including:

• User access, permission updates, and audit support
• Backup/restore tasks
• Monitoring, alert response, and system health checks
• Package and artifact lifecycle management

• Support quarterly upgrade cycles, configuration fixes, and stability improvements.

Security Scanning & Remediation Support

• Execute routine security scans across tools and pipelines.
• Review, triage, and escalating CVE or policy violations.
• Assist SWE teams in interpreting scanner reports and preparing remediation tasks.

Pipeline Support

• Assist CI/CD engineers and developers with pipeline break/fix issues.
• Maintain reliable builds for Software Engineering Teams by supporting artifact availability, scanner health, and GitLab runner readiness.

Compliance & Documentation

• Participate in Cybersecurity Maturity Model Certification (CMMC) and National Institute of Standards and Technology (NIST) related remediation work through accurate documentation, required evidence capture, and execution of recurring security activities.

Collaboration & Communication Expectations

• Work closely with senior engineers, including members of Cloud, CI/CD Infrastructure, and CI/CD Pipelines, on shared engineering tasks.
• Provide timely support to Software Engineering Teams during migrations, scanning cycles, or code delivery events.
• Communicate clearly with crossfunctional teams.

• Experience supporting and operating on-prem and cloud based Continuous Integration / Continuous Deployment (CI/CD) platforms, including:

• JFrog Artifactory lifecycle management and repository governance
• JFrog XRay scanning management and policy enforcement
• SonarQube configuration, ruleset updates, and remediation workflows
• GitLab runners, permissions, and basic pipeline troubleshooting

Application Security (AppSec) Foundations

• Understanding of secure coding concepts, static analysis, dependency scanning, Common Vulnerabilities and Exposures (CVE) identification, and application security remediation workflows.
• Ability to execute scanning routines, analyze findings, open remediation tasks, and support the secure coding dashboard & remediation cycle.

Cloud & Containerization Familiarity

• Basic handson experience with Amazon Web Services (AWS) core services, especially those relevant to CI/CD and scanning pipelines (S3, IAM, EC2/EKS).
• Familiarity with Kubernetes concepts and supporting Kubernetes based workloads.

Infrastructure as Code & Automation

• Foundational experience with Infrastructure as Code (IaC) or automation tooling such as Terraform, Ansible, Bash/Python scripting.
• Ability to follow established IaC patterns to support CI/CD infrastructure updates, maintenance tasks, and access configurations., Minimum of 4 years of related work experience, * Bachelor's degree in a STEM (Science, Technology, Engineering, Mathematics) field from an accredited college or university
• 4+ years of experience in DevOps, Cloud Engineering, Application Security (AppSec), or Software Engineering
• Experience supporting production CI/CD systems or DevSecOps workflows
• Handson experience with the following: GitLab, Artifactory, SonarQube, or security scanning tools
• Intermediate understanding of software build pipelines, package repositories, and code quality concepts
• Familiarity with AWS fundamentals and containerization concepts (Docker/Kubernetes)
• Ability to follow runbooks, execute operational tasks reliably, and document changes clearly
• Exposure to security frameworks or auditdriven engineering tasks
• Mid-to-senior level experience with Terraform or another IaC tool

Preferred Qualifications

• Interest in automation, efficiency improvements, and evolving CI/CD and AppSec capability
• Any of the following certificates is a plus

$113,122.00 - $188,537.00 paid time off, 401(k), We offer our employees competitive pay and benefits including:

• 401(k) match plus an additional employer contribution
• Discretionary annual incentive bonus for eligible employees
• Generous paid time off
• Flexible work environments

Additionally, most salaried ULA team members work a "9/80 schedule," meaning they enjoy every other Friday off.

Benefits and work schedules may vary for union-represented hourly positions and are described in the applicable collective bargaining agreement.

ULA is a participant in the federal E-Verify Program. Posters in PDF format pertaining to this program can be accessed by clicking on the links identified below. E-Verify Participation poster (English / Spanish) and Right to Work Poster (English / Spanish).