Job Requirements
Ogden, UT
Clearance Unspecified Polygraph not specified
Early Career (2+ yrs experience)
$100,000 - $120,000
Job Description
Role : DevOps Security Engineer ( US citizen)
Location : Ogden, UTAH ( 100% Onsite role., NO REMOTE !! )
*** MUST relocate off their own to Ogden, Utah, if not local to that area
*** US Citizens only with active clearance REQUIRED
Blue Yonder Defense Solutions (BYDS) is seeking a DevSecOps Engineer to help integrate security practices into our software development and DevOps processes. This role will work closely with development, QA, and operations teams to build and maintain secure CI/CD pipelines, automate security testing, and ensure our platforms and applications meet enterprise security standards.The ideal candidate is passionate about automation, cloud-native security, and secure software delivery, and has experience embedding security into modern DevOps environments.
Primary Duties and Responsibilities
DevSecOps Implementation
Design and implement security controls within CI/CD pipelines to ensure secure software delivery.
Integrate automated security testing tools such as SAST, DAST, SCA, and container scanning.
Embed security checks into build and deployment processes to identify vulnerabilities early in the SDLC.
Platform & Infrastructure Security
Work with DevOps teams to secure cloud infrastructure, containers, and Kubernetes environments.
Implement Infrastructure-as-Code security scanning and policy enforcement.
Automation & Tooling
Develop automation scripts and integrations to support security workflows.
Maintain and enhance CI/CD platforms and pipeline security tooling.
Integrate vulnerability management tools with development workflows.
Collaboration
Partner with developers and QA teams to promote secure coding practices.
Assist engineering teams in remediating vulnerabilities identified during testing and scanning.
Collaborate with internal and customer security teams to implement organizational security standards.
Compliance & Governance
Support security compliance requirements such as SOC2, FedRAMP, or DoD security standards where applicable.
Assist with security audits and vulnerability remediation tracking.
Help maintain documentation of DevSecOps processes and controls.
Required Qualifications
3–6 years of experience in DevOps, DevSecOps, or security engineering.
Experience building and maintaining CI/CD pipelines (GitHub Actions, Jenkins, GitLab CI, or similar).
Familiarity with cloud platforms such as AWS, Azure, or GCP.
Experience with container technologies (Docker, Kubernetes).
Understanding of secure software development lifecycle (SSDLC) practices.
Experience integrating security tools such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), Container vulnerability scanning
Scripting experience (Python, Bash, or similar).
Familiarity with Infrastructure as Code tools (Ansible, Terraform, CloudFormation, etc.).
Preferred Qualifications
Experience implementing DevSecOps practices in enterprise software environments.
Knowledge of container and Kubernetes security best practices.
Experience with secrets management solutions (Vault, AWS Secrets Manager, Azure Key Vault).
Familiarity with security frameworks such as NIST, CIS Benchmarks, OWASP Top 10
Experience supporting government or regulated environments (FedRAMP, DoD Impact Levels, etc.).
Security certifications such as Security+, CISSP (associate level), Certified Kubernetes Security Specialist (CKS)
Key Skills
DevSecOps and secure SDLC
CI/CD automation
Cloud security
Container and Kubernetes security
Vulnerability management
Infrastructure as Code
Security tooling integration
Additional Skills
Must be well versed in working with a diverse group of stakeholders - business analysts, solution architects, technical managers, developers, QA, customer IT
• Excellent communication (verbal and written) and interpersonal skills
Ability to work while embedded in customers’ teams remotely
• High degree of initiative and ownership to take a task and own it from inception to completion
Location : Ogden, UTAH ( 100% Onsite role., NO REMOTE !! )
*** MUST relocate off their own to Ogden, Utah, if not local to that area
*** US Citizens only with active clearance REQUIRED
Blue Yonder Defense Solutions (BYDS) is seeking a DevSecOps Engineer to help integrate security practices into our software development and DevOps processes. This role will work closely with development, QA, and operations teams to build and maintain secure CI/CD pipelines, automate security testing, and ensure our platforms and applications meet enterprise security standards.The ideal candidate is passionate about automation, cloud-native security, and secure software delivery, and has experience embedding security into modern DevOps environments.
Primary Duties and Responsibilities
DevSecOps Implementation
Design and implement security controls within CI/CD pipelines to ensure secure software delivery.
Integrate automated security testing tools such as SAST, DAST, SCA, and container scanning.
Embed security checks into build and deployment processes to identify vulnerabilities early in the SDLC.
Platform & Infrastructure Security
Work with DevOps teams to secure cloud infrastructure, containers, and Kubernetes environments.
Implement Infrastructure-as-Code security scanning and policy enforcement.
Automation & Tooling
Develop automation scripts and integrations to support security workflows.
Maintain and enhance CI/CD platforms and pipeline security tooling.
Integrate vulnerability management tools with development workflows.
Collaboration
Partner with developers and QA teams to promote secure coding practices.
Assist engineering teams in remediating vulnerabilities identified during testing and scanning.
Collaborate with internal and customer security teams to implement organizational security standards.
Compliance & Governance
Support security compliance requirements such as SOC2, FedRAMP, or DoD security standards where applicable.
Assist with security audits and vulnerability remediation tracking.
Help maintain documentation of DevSecOps processes and controls.
Required Qualifications
3–6 years of experience in DevOps, DevSecOps, or security engineering.
Experience building and maintaining CI/CD pipelines (GitHub Actions, Jenkins, GitLab CI, or similar).
Familiarity with cloud platforms such as AWS, Azure, or GCP.
Experience with container technologies (Docker, Kubernetes).
Understanding of secure software development lifecycle (SSDLC) practices.
Experience integrating security tools such as Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), Container vulnerability scanning
Scripting experience (Python, Bash, or similar).
Familiarity with Infrastructure as Code tools (Ansible, Terraform, CloudFormation, etc.).
Preferred Qualifications
Experience implementing DevSecOps practices in enterprise software environments.
Knowledge of container and Kubernetes security best practices.
Experience with secrets management solutions (Vault, AWS Secrets Manager, Azure Key Vault).
Familiarity with security frameworks such as NIST, CIS Benchmarks, OWASP Top 10
Experience supporting government or regulated environments (FedRAMP, DoD Impact Levels, etc.).
Security certifications such as Security+, CISSP (associate level), Certified Kubernetes Security Specialist (CKS)
Key Skills
DevSecOps and secure SDLC
CI/CD automation
Cloud security
Container and Kubernetes security
Vulnerability management
Infrastructure as Code
Security tooling integration
Additional Skills
Must be well versed in working with a diverse group of stakeholders - business analysts, solution architects, technical managers, developers, QA, customer IT
• Excellent communication (verbal and written) and interpersonal skills
Ability to work while embedded in customers’ teams remotely
• High degree of initiative and ownership to take a task and own it from inception to completion
group id: RTL77263