By Light Professional IT Services

Senior DevSecOps Engineer

full-time

Location Type: Hybrid

Location: McLean • Virginia • 🇺🇸 United States

Job Level

Senior

Tech Stack

Ansible, AWS, Azure, Cloud, Cyber Security, Docker, Kubernetes, Python, Terraform

About the role

  • Lead design, implementation, and ongoing management of secure CI/CD pipelines for the DCMA CAFM SaaS environment
  • Enforce DevSecOps best practices by automating vulnerability scanning, code analysis, compliance checks, and remediation processes
  • Collaborate with software developers, cybersecurity analysts, and system administrators to architect highly available, scalable, and compliant cloud-based solutions in accordance with FedRAMP and DoD STIGs
  • Maintain, monitor, and improve infrastructure-as-code deployments, configuration management, and patch management across development, test, staging, and production environments
  • Ensure systems, services, and tools meet RMF, NIST 800-53, IL4, and other DoD cybersecurity requirements and support FISMA compliance
  • Automate deployment, monitoring, backup, and disaster recovery strategies to ensure resilience and business continuity
  • Lead efforts to assess and mitigate risks associated with software supply chain, open-source software usage, and third-party integrations
  • Document DevSecOps processes and configuration changes, and provide training and mentorship to intermediate DevSecOps and development team members
  • Evaluate new tools and technologies to enhance automation, monitoring, and security
  • Participate in Agile sprints, provide input to sprint planning, and collaborate in cross-functional team meetings to align DevSecOps activities with project objectives

Requirements

  • Bachelor’s Degree in Computer Science, Cybersecurity, Information Systems, Engineering, or a related technical field
  • Minimum 7 years’ experience in DevOps/DevSecOps roles
  • At least 3 years supporting cloud-based (SaaS) solutions in DoD, federal, or critical infrastructure environments
  • Demonstrated expertise in deployment and administration of secure CI/CD pipelines
  • Experience with container orchestration (Docker, Kubernetes)
  • Experience with infrastructure-as-code tools (Terraform, Ansible)
  • Experience implementing security automation tools for code analysis, vulnerability scanning, and compliance validation
  • Deep knowledge of FedRAMP, NIST 800-53, RMF, and DoD cloud/security controls
  • Hands-on experience with cloud platforms (AWS GovCloud, Azure Government, or equivalent)
  • Proficiency with scripting languages (Python, Bash, PowerShell)
  • Proficiency with version control systems (Git, GitLab)
  • U.S. citizenship required
  • Preferred: Master’s Degree in Information Security, Computer Science, or related domain
  • Preferred: Experience supporting CAFM, asset management, or facilities management SaaS solutions in federal or DoD settings
  • Preferred: Experience conducting, documenting, and remediating Authority to Operate (ATO) packages and other formal system accreditation processes
  • Preferred: Industry certifications (Certified DevSecOps Professional (CDP), Certified Kubernetes Administrator (CKA), AWS Certified DevOps Engineer or Azure DevOps Expert, CompTIA Security+, CASP+, CISSP, GIAC Certified DevSecOps Professional)
  • Preferred: Familiarity with Section 508 accessibility requirements and secure software supply chain management
  • Preferred: Experience mentoring or leading DevSecOps teams

Benefits

  • Medical, Dental & Vision Coverage
  • Wellness Program
  • 401(k) Matching
  • Disability (Short Term & Long Term)
  • Employee Assistance Program
  • Life Insurance
  • Education & Training
  • Generous Leave Policy (11 Federal Holidays, PTO, and Military Leave)

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
CI/CD pipelines, DevSecOps, cloud-based solutions, infrastructure-as-code, container orchestration, security automation tools, scripting languages, version control systems, vulnerability scanning, compliance validation
Soft skills
collaboration, mentorship, risk assessment, documentation, training, communication, leadership, problem-solving, agile methodology, cross-functional teamwork
Certifications
Certified DevSecOps Professional (CDP), Certified Kubernetes Administrator (CKA), AWS Certified DevOps Engineer, Azure DevOps Expert, CompTIA Security+, CASP+, CISSP, GIAC Certified DevSecOps Professional