DevSecOps Engineer - REMOTE - Secret Clearance Required

SOC
Quantico, United States of America
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Quantico, United States of America

Tech stack

Artificial Intelligence
Systems Engineering
Bash
CompTIA Security+
Computer Security
Continuous Integration
Linux
DevOps
Python
Key Management
Prometheus
Runbook
Secure Coding
Security Software
Software Engineering
Policy as Code
Scripting (Bash/Python/Go/Ruby)
Grafana
SC Clearance
Containerization
Gitlab-ci
Kubernetes
Infrastructure Automation Frameworks
Terraform
Data Pipelines
Devsecops
Vulnerability Analysis

Job description

As a DevSecOps Engineer, you will play a critical role in designing, automating, and maintaining secure software delivery pipelines supporting Navy and DoD programs. You'll help build and sustain CI/CD infrastructure, manage hardened Kubernetes environments, automate security compliance, and leverage AI tools to improve engineering efficiency across the software development lifecycle. You'll also collaborate closely with software engineers, systems engineers, and cybersecurity professionals to ensure security is integrated from the beginning of development., You will be responsible for building and maintaining secure delivery infrastructure while supporting modern DevSecOps practices across multiple environments. Responsibilities include:

  • Design, implement, and maintain automated GitLab CI/CD pipelines supporting development, security scanning, compliance validation, and deployment.
  • Build, harden, and manage Kubernetes environments aligned with DISA STIG requirements.
  • Automate security processes including SBOM generation, vulnerability scanning, CVE remediation, and continuous compliance validation.
  • Implement Infrastructure as Code using Terraform and promote GitOps and controls-as-code practices.
  • Utilize AI tools to accelerate pipeline development, vulnerability analysis, compliance remediation, and documentation.
  • Partner with software engineering, systems engineering, and cybersecurity teams to integrate security throughout the development lifecycle.
  • Support deployments across cloud, restricted, and air-gapped environments.
  • Assist Authorization to Operate (ATO) activities through automated evidence generation and documentation-as-code.
  • Develop standards for container security, secrets management, deployment consistency, and pipeline architecture.
  • Contribute to application feature development when needed while applying secure coding principles.
  • Maintain technical documentation including runbooks, deployment guides, and architecture documentation.

Requirements

  • Bachelor's degree and 4+ years of professional DevSecOps or DevOps engineering experience.
  • Hands-on experience designing and maintaining GitLab CI/CD pipelines.
  • Experience administering and securing Kubernetes environments (RKE2 or K3S preferred).
  • Experience implementing DISA STIG compliance within Linux and containerized environments.
  • Proficiency with Terraform or similar Infrastructure as Code tools.
  • Experience with Helm and Kubernetes deployment management.
  • Experience with automated security scanning, SBOM generation, and CVE remediation.
  • Strong scripting skills using Python or Bash.
  • Experience leveraging AI tools to improve engineering workflows.
  • Ability to work independently in a fast-paced, collaborative environment.
  • U.S. Citizen with an active DoD Secret security clearance.

Preferred Qualifications

  • Experience supporting air-gapped or disconnected environments.
  • Experience supporting ATO activities through automation and documentation.
  • Active CompTIA Security+ or equivalent DoD 8570 IAT Level II certification.
  • Experience with secrets management solutions such as Vault, Sealed Secrets, or SOPS.
  • Experience with Prometheus, Grafana, or similar observability platforms.
  • Certified Kubernetes Administrator (CKA) certification or willingness to obtain.
  • Experience implementing policy-as-code, configuration-as-code, documentation-as-code, or similar automation methodologies.

Employment Pre-requisites

The following requirements must be met to be eligible for this position: successful completion of a background investigation and drug urinalysis.

Apply for this position