FREE ACCESS
5,000–10,000 jobs/day

See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.

Senior DevSecOps Engineer
eSimplicityDevSecOps Engineer partnering with development team for secure engineering and compliance reporting. Position involves working with federal agencies and ensuring security in CI/CD pipelines.
Tech Stack
Tools & technologiesAWSCloudKubernetes
About the role
Key responsibilities & impact- Partner with the development team to implement secure engineering patterns, maintain secure CI/CD pipelines, and remediate vulnerabilities, including contributing code, configuration, pipeline changes, and infrastructure updates where appropriate.
- Design and maintain security gates for code quality, dependency scanning, container image scanning, secrets detection, infrastructure misconfiguration, and policy compliance.
- Support Kubernetes and container security for AWS EKS environments, including image hardening, admission controls, runtime monitoring, network policies, workload identity, secrets management, and least-privilege access patterns.
- Support controls for new tooling/integration usage, the handling of sensitive data, and access controls.
- Help define and enforce secure-by-default engineering standards across the application, infrastructure, and delivery pipeline.
- Help drive the move toward ATO and near-real-time compliance.
- Implement monitoring of production runtime environments for vulnerabilities and compliance drift and make security and compliance reporting available on demand.
- Translate security findings into actionable engineering work items in JIRA and support teams through remediation, validation, and closure.
- Identify, document, and communicate security risks tied to modernization efforts
- Monitor cloud environments using AWS tools
- Participates in Agile processes including daily standups, demos, retrospectives, and sprint planning
- Collaborates with a fully integrated Agile team to deliver continuous improvement to designs, processes, and standards
Requirements
What you’ll need- Bachelor’s degree and four (4) years of specialized information technology experience; OR In lieu of bachelor’s degree, eight (8) years of relevant information technology experience, with at least four (4) years in a specialized experience
- Must be a United States citizen
- Ability to obtain and maintain a Public Trust clearance
- Hands-on experience building and maintaining secure CI/CD pipelines, including automated security testing, vulnerability scanning, secrets detection, artifact signing, and release gates.
- Experience with security automation tools such as SAST, SCA, DAST, container scanning, IaC scanning, secrets scanning, SBOM generation, and policy-as-code.
- Ability to write scripts, pipeline logic, configuration, or automation in support of security and compliance objectives.
- Hands-on experience securing AWS cloud environments including EKS, S3, VPC, Security Hub, Inspector, WAF, and Secrets Manager
- Experience producing security and compliance evidence for federal environments, including continuous monitoring artifacts, control evidence, vulnerability reports, and audit-ready documentation
- Understanding of the Authority to Operate (ATO) process, including POA&Ms and continuous monitoring.
- Understanding of federal security frameworks such as NIST RMF
- Experience working on a fully integrated Agile product team
- Strong documentation and problem-solving skills
- Ability to work in a fast-paced, team-oriented environment
- Experience with Atlassian Jira/Confluence
Benefits
Comp & perks- medical, dental, and vision coverage
- 401(k) retirement benefits
- paid time off
- paid holidays
- life and disability insurance
- additional wellness and employee support programs
ATS Keywords
✓ Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
CI/CD Pipeline SecurityVulnerability ScanningSecrets DetectionInfrastructure SecurityScript WritingPolicy ComplianceContainer SecurityMonitoring and ReportingSecurity Risk DocumentationAutomated Security Testing
Soft Skills
Problem-SolvingDocumentationTeam CollaborationCommunicationAdaptability
Certifications
Public Trust Clearance