Job Requirements
Tampa, FL
Intel Agency (NSA, CIA, FBI, etc) Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
The Opportunity
We are seeking a DevSecOps Engineer with deep Kubernetes expertise to design, implement, and maintain secure, scalable cloud-native platforms. This role bridges development, security, and operations to embed security throughout the software delivery lifecycle while enabling high-velocity engineering teams.
Key Responsibilities (Principal Duties and Accountabilities *Essential Functions)
Platform & Infrastructure
DevSecOps & CI/CD
Security & Compliance
Observability & Reliability
Collaboration & Developer Enablement
We are seeking a DevSecOps Engineer with deep Kubernetes expertise to design, implement, and maintain secure, scalable cloud-native platforms. This role bridges development, security, and operations to embed security throughout the software delivery lifecycle while enabling high-velocity engineering teams.
Key Responsibilities (Principal Duties and Accountabilities *Essential Functions)
Platform & Infrastructure
- Design, provision, and maintain production Kubernetes clusters (RKE2 / EKS / GKE / AKS) across cloud and on-premises environments
- Manage cluster lifecycle: upgrades, node pool scaling, multi-tenancy, and namespace governance
- Implement and maintain CNI solutions (Calico, Cilium, Multus) including advanced networking topologies such as macvlan and SR-IOV
- Operate GitOps workflows (e. g. ArgoCD) for declarative, auditable cluster state management
- Develop and maintain Helm charts for platform and application services
DevSecOps & CI/CD
- Build and maintain CI/CD pipelines in GitLab CI (and/or GitHub Actions) with integrated security scanning and artifact signing
- Integrate SAST, DAST, SCA, and container image scanning (Trivy, Grype, Semgrep) into pipeline gates
- Implement supply-chain security controls: SBOM generation, cosign image signing, and Sigstore policy enforcement
- Automate OS image builds using Packer (QEMU, vSphere) targeting RHEL, AlmaLinux, Debian/Ubuntu, and Windows
- Manage secrets at scale using Vault, External Secrets Operator, or equivalent solutions
Security & Compliance
- Enforce runtime security through admission controllers (Kyverno / OPA Gatekeeper), Pod Security Standards, and network policies
- Own vulnerability management processes including scheduled scanning, triage, and remediation SLAs
- Support compliance initiatives (SOC 2, FedRAMP, NIST 800-53) by maintaining audit-ready infrastructure-as-code and evidence artifacts
- Conduct threat modeling and security architecture reviews for new platform capabilities
- Respond to and lead post-mortems for security incidents and infrastructure outages
Observability & Reliability
- Deploy and operate observability stacks: Prometheus, Grafana, Loki, and OpenTelemetry collectors
- Define and track SLOs/SLAs; build alerting and on-call runbooks to drive reliability improvements
- Implement cost observability and right-sizing workflows for cloud and on-prem workloads
Collaboration & Developer Enablement
- Partner with development teams to design deployment patterns, resource quotas, and autoscaling strategies
- Produce clear documentation, runbooks, and internal training materials for platform capabilities
- Mentor junior engineers and participate in architecture decision records (ADRs)
group id: 91074966