Today
Top Secret
Unspecified
Unspecified
Malibu, CA (On-Site/Office)
DevSecOps Engineer needed for a Contract to Hire opportunity with SOC's client to work onsite in Malibu, CA.
*Candidates must have an active Top Secret or TS/SCI clearance to be considered for this role.
Overview:
Our client is seeking a hands on DevSecOps Engineer to build and mature secure DevSecOps practices in a research and development environment. The engineer will evaluate the current environment, recommend tools and architectures, implement secure CI/CD pipelines, integrate security controls, and train internal teams on DevSecOps best practices. The ideal candidate brings outside experience and can tailor solutions to client's environment rather than applying a one size fits all approach.
Key Responsibilities:
• Assess the current software build and deployment environment and identify gaps in DevSecOps maturity.
• Evaluate and recommend DevSecOps tools and architectures based on mission needs and security requirements.
• Design and implement secure CI/CD pipelines using platforms such as GitLab, Jenkins, GitHub Actions, or Azure DevOps.
• Integrate automated security scanning, code quality checks, artifact scanning, and compliance validation directly into the pipeline.
• Implement and manage containerization and orchestration technologies such as Docker and Kubernetes.
• Apply Infrastructure as Code practices using tools such as Terraform or Ansible.
• Translate RMF and cybersecurity requirements into technical implementation steps for development and platform teams.
• Provide hands on guidance to developers and engineers on secure coding, pipeline usage, and vulnerability remediation.
• Develop documentation, standard operating procedures, and internal training materials.
• Research and recommend new technologies and approaches to strengthen DevSecOps maturity.
Required Qualifications:
• Active Top Secret or TS/SCI clearance.
• Bachelor's degree in Computer Science, Cybersecurity, Engineering, or related field. Relevant experience may be considered in lieu of a degree for highly qualified candidates.
• Minimum 7 years of experience as a DevSecOps Engineer, Platform Engineer, System Security Engineer, or similar engineering role.
• Hands on experience architecting and implementing CI/CD pipelines.
• Strong experience with containerization technologies such as Docker and Kubernetes, including secure image management.
• Infrastructure as Code experience (Terraform, Ansible, or similar).
• Experience integrating security tools such as SAST, DAST, SCA, vulnerability scanning, or code quality gates into development workflows.
• Strong understanding of secure software development practices and common vulnerability mitigation techniques.
• Proficiency in scripting or automation (Python, Bash, or similar).
• Ability to train and mentor others and work collaboratively with development and research teams.
• DoD 8570.01-M IAT Level II (or higher) certification (Security+, CySA+, GSEC, GICSP, CISSP).
• At least one relevant technical security certification such as CSSLP, GCSA, GWAPT, OSCP, or equivalent.
Preferred Experience:
• Background supporting secure research or classified computing environments.
• Familiarity with RMF, STIGs, SCAP, or similar compliance frameworks.
• Experience with multilevel or cross-domain network environments.
• Experience securing software supply chains and artifact workflows.
Employment Prerequisites
The following requirements must be met to be eligible for this position: successful completion of a background investigation and d rug urinalysis.
SOC, a Day & Zimmermann company, is an Equal Opportunity Employer,EOE AA M/F/Vet/Disability.
Note: Any pay ranges displayed are estimations, which may have been provided by job boards. Actual pay is determined by an applicant's experience, technical expertise, and other qualifications as listed in the job description. All qualified applicants are welcome to apply.
#INDSOC
Estimated Min Rate: $59.50
Estimated Max Rate: $85.00
*Candidates must have an active Top Secret or TS/SCI clearance to be considered for this role.
Overview:
Our client is seeking a hands on DevSecOps Engineer to build and mature secure DevSecOps practices in a research and development environment. The engineer will evaluate the current environment, recommend tools and architectures, implement secure CI/CD pipelines, integrate security controls, and train internal teams on DevSecOps best practices. The ideal candidate brings outside experience and can tailor solutions to client's environment rather than applying a one size fits all approach.
Key Responsibilities:
• Assess the current software build and deployment environment and identify gaps in DevSecOps maturity.
• Evaluate and recommend DevSecOps tools and architectures based on mission needs and security requirements.
• Design and implement secure CI/CD pipelines using platforms such as GitLab, Jenkins, GitHub Actions, or Azure DevOps.
• Integrate automated security scanning, code quality checks, artifact scanning, and compliance validation directly into the pipeline.
• Implement and manage containerization and orchestration technologies such as Docker and Kubernetes.
• Apply Infrastructure as Code practices using tools such as Terraform or Ansible.
• Translate RMF and cybersecurity requirements into technical implementation steps for development and platform teams.
• Provide hands on guidance to developers and engineers on secure coding, pipeline usage, and vulnerability remediation.
• Develop documentation, standard operating procedures, and internal training materials.
• Research and recommend new technologies and approaches to strengthen DevSecOps maturity.
Required Qualifications:
• Active Top Secret or TS/SCI clearance.
• Bachelor's degree in Computer Science, Cybersecurity, Engineering, or related field. Relevant experience may be considered in lieu of a degree for highly qualified candidates.
• Minimum 7 years of experience as a DevSecOps Engineer, Platform Engineer, System Security Engineer, or similar engineering role.
• Hands on experience architecting and implementing CI/CD pipelines.
• Strong experience with containerization technologies such as Docker and Kubernetes, including secure image management.
• Infrastructure as Code experience (Terraform, Ansible, or similar).
• Experience integrating security tools such as SAST, DAST, SCA, vulnerability scanning, or code quality gates into development workflows.
• Strong understanding of secure software development practices and common vulnerability mitigation techniques.
• Proficiency in scripting or automation (Python, Bash, or similar).
• Ability to train and mentor others and work collaboratively with development and research teams.
• DoD 8570.01-M IAT Level II (or higher) certification (Security+, CySA+, GSEC, GICSP, CISSP).
• At least one relevant technical security certification such as CSSLP, GCSA, GWAPT, OSCP, or equivalent.
Preferred Experience:
• Background supporting secure research or classified computing environments.
• Familiarity with RMF, STIGs, SCAP, or similar compliance frameworks.
• Experience with multilevel or cross-domain network environments.
• Experience securing software supply chains and artifact workflows.
Employment Prerequisites
The following requirements must be met to be eligible for this position: successful completion of a background investigation and d rug urinalysis.
SOC, a Day & Zimmermann company, is an Equal Opportunity Employer,EOE AA M/F/Vet/Disability.
Note: Any pay ranges displayed are estimations, which may have been provided by job boards. Actual pay is determined by an applicant's experience, technical expertise, and other qualifications as listed in the job description. All qualified applicants are welcome to apply.
#INDSOC
Estimated Min Rate: $59.50
Estimated Max Rate: $85.00
group id: cxhlpand
Diversity is one of our core values as a Company, and it’s also something very personal and unique to each employee. Who better to tell our story of diversity than the people who are part of that story. “The Many Diverse Voices of Betterment” shares how our unique backgrounds and perspectives make us stronger, together, as a Company as a whole, and as individuals. Our diverse and inclusive culture and what diversity means at SOC and Day & Zimmermann is told through personal, unscripted first-person narratives.
