Design, implement, and maintain DevSecOps CI/CD pipelines that support secure, automated software delivery
Automate functional testing and integrate automated test cases into the DevSecOps pipeline prior to deployment authorization
Ensure system deliverables are architected to fully leverage Continuous Integration and Continuous Delivery (CI/CD) capabilities
Support quarterly Agile sprint cycles, delivering bug fixes, emergency priority updates, and minor system enhancements
Apply DoD Application Security and Development (ASD) STIG requirements to software architecture, development, and deployment processes
Implement secure coding best practices, including adherence to OWASP security principles
Conduct application security scans using tools such as Fortify and Sonatype, and remediate or mitigate identified vulnerabilities in accordance with Cyber Hardening Policies
Support the migration and deployment of applications to Cloud Service Providers (CSPs) in compliance with the DoD Cloud Computing Security Requirements Guide (SRG)
Operate and maintain development, test, and production environments within IL4 or IL5 cloud environments supporting Controlled Unclassified Information (CUI)
Collaborate with development, operations, and security teams to ensure systems remain secure, compliant, and operationally resilient

Requirements

DoD Clearance not Required
Ability to obtain and maintain a Tier 3 (T3) background investigation for Noncritical-Sensitive position; Tier 5 (T5) required for privileged access role
Prior experience supporting DMDC or DHRA systems
Experience designing and managing CI/CD pipelines and DevSecOps automation frameworks
Experience working within AWS GovCloud or other DoD-authorized cloud environments
Strong technical experience with Oracle databases, SQL, Apache, and Tomcat environments
Experience with DevSecOps and security tools such as Jenkins, Fortify, Sonatype, and JIRA
Knowledge of DoD Risk Management Framework (RMF) processes and eMASS
Experience implementing NIST SP 800-53 security controls and DISA STIG requirements
Familiarity with Agile/Scrum development methodologies
Strong understanding of secure coding practices and OWASP security standards
Experience with MicroStrategy reporting platforms

Benefits

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

DevSecOpsCI/CD pipelinesautomated testingsecure codingapplication security scansOracle databasesSQLApacheTomcatMicroStrategy

Soft Skills

collaborationproblem-solvingcommunicationadaptabilityattention to detail

Certifications

NIST SP 800-53DISA STIG