Posted today
Secret
McLean, VA (On-Site/Office)
We have an urgent opening for a highly experienced Senior DevSecOps Engineer to support federal workloads operating in AWS GovCloud. This hybrid position focuses on DevSecOps best practices, cloud automation, security and regulatory compliance, and CI/CD engineering to strengthen the security, scalability, and performance of mission‑critical government applications.
Role requirements
- US citizenship, with the ability to obtain and successfully hold a DoD Secret security clearance.
- Active Security+ certification and AWS Certified Security (or equivalent AWS security certification).
- A minimum of 7 years of hands‑on experience in DevSecOps, cloud engineering, or infrastructure automation positions.
- Demonstrated, in‑depth knowledge of AWS GovCloud services, secure configuration, and federal compliance frameworks.
- Practical experience with CI/CD platforms such as GitLab CI/CD, Jenkins, AWS CodePipeline, or comparable tooling.
- Strong background with Infrastructure as Code using Terraform, CloudFormation, and Ansible for provisioning and configuration management.
- Hands‑on proficiency with containerization and orchestration technologies, including Docker, Kubernetes, EKS, ECS, and Fargate.
- Solid understanding of AWS security services and capabilities such as AWS IAM, GuardDuty, Security Hub, AWS KMS, AWS WAF, AWS Config, and AWS Secrets Manager.
- Working knowledge of federal cybersecurity requirements and frameworks such as RMF, NIST 800‑171/800‑53, STIGs, and Zero Trust concepts.
- Proven experience implementing automated security testing and vulnerability management, including SAST, DAST, vulnerability scanning, and SBOM creation and management.
- Strong scripting skills in Python, Bash, or PowerShell to support automation, security enforcement, and integration across the toolchain.
Core responsibilities
- DevSecOps Pipeline Development: Engineer and refine CI/CD pipelines with tools such as GitLab CI/CD, Jenkins, AWS CodePipeline, and Terraform to automate application delivery and enforce security/compliance controls.
- AWS GovCloud Architecture & Management: Architect, deploy, and sustain secure, scalable, and compliant AWS GovCloud environments serving DoD and Civilian agency systems.
- Infrastructure as Code (IaC): Use Terraform, AWS CloudFormation, and Ansible to provision and configure infrastructure as code, enabling consistent, repeatable, and auditable environments.
- Security & Compliance: Maintain alignment with federal cybersecurity standards and frameworks (including NIST 800‑171, NIST 800‑53, RMF, FedRAMP, and Zero Trust), implementing STIGs, hardened baselines, and automated SAST/DAST security scanning.
- Containerization & Orchestration: Deploy and operate Docker containers and Kubernetes workloads within AWS GovCloud, utilizing services such as Amazon EKS, ECS, and Fargate.
- Monitoring & Incident Response: Configure and manage monitoring, logging, and compliance reporting with AWS CloudWatch, AWS Security Hub, GuardDuty, Splunk, or ELK to support proactive detection and incident response.
- Automation & Scripting: Create and maintain automation scripts using Python, Bash, or PowerShell to streamline deployments and enforce security and configuration policies.
- Collaboration & Knowledge Sharing: Partner closely with software engineers, cybersecurity personnel, and cloud engineers to embed security and automation throughout the SDLC and promote DevSecOps culture and best practices.