imagineeer

DevSecOps Engineer

imagineeer

full-time

Posted on:

Location Type: Hybrid

Location: Alabama, Alaska, Arizona, California, Colorado, Connecticut, Florida, Hawaii, Idaho, Illinois, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Minnesota, Mississippi, Missouri, Montana, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, Washington, West Virginia, Wisconsin, Wyoming • 🇺🇸 United States

Visit company website
AI Apply
Apply

Job Level

Mid-LevelSenior

Tech Stack

AnsibleAWSAzureCloudCyber SecurityDockerGoGoogle Cloud PlatformJavaJavaScriptKubernetesMicroservices.NETPythonTerraformTypeScript

About the role

  • Design, build, and maintain GitLab CI/CD pipelines for multiple applications and services (microservices, APIs, infrastructure-as-code).
  • Implement standardized pipeline templates and reusable jobs to support consistent delivery across programs.
  • Integrate automated build, test, security scanning, and deployment steps into GitLab pipelines.
  • Optimize pipeline performance (caching, parallelization, artifact management) to reduce build and deploy times.
  • Embed security controls early and continuously in the pipeline (SAST, DAST, SCA, container scanning, IaC scanning).
  • Automate compliance checks, policy-as-code, and configuration drift detection.
  • Implement and support infrastructure-as-code (IaC) solutions (Terraform, Ansible, CloudFormation, etc.) to provision and manage cloud and on-prem environments.
  • Integrate CI/CD with monitoring, logging, and alerting tools to provide full visibility across the delivery pipeline.
  • Design and operate pipelines aligned with federal security and compliance requirements (e.g., FISMA, NIST 800-53, FedRAMP, Zero Trust principles).
  • Work with ISSOs, AO teams, and security/compliance stakeholders to provide pipeline and environment documentation supporting ATO packages.
  • Ensure secure configuration of build agents, runners, secrets management, and artifact repositories in compliance with agency policies.
  • Partner with development teams to define branching strategies, code review workflows, and release management practices in GitLab.
  • Collaborate with cybersecurity teams to respond to vulnerabilities, findings, and audits, and to implement remediations in code and pipelines.
  • Provide guidance, documentation, and training to engineers and stakeholders on DevSecOps best practices and GitLab usage.
  • Contribute to and enforce standards for coding, configuration management, and deployment processes.

Requirements

  • 5+ years of hands-on experience in DevOps/DevSecOps roles.
  • 3+ years of experience designing and managing GitLab CI/CD pipelines at scale (GitLab SaaS or self-managed).
  • Demonstrated experience supporting federal or public sector programs (civilian, DoD, or health agencies) with understanding of federal security expectations.
  • Strong experience with:
  • CI/CD tools: GitLab CI, runners, GitLab registry.
  • Languages / frameworks: at least one of Python, Java, JavaScript/TypeScript, .NET, Go.
  • Containers & orchestration: Docker, Kubernetes (EKS/AKS/GKE or on-prem equivalents).
  • Infrastructure-as-Code: Terraform and/or Ansible (or equivalent).
  • Security tooling: SAST, DAST, SCA, container image scanning, secrets scanning.
  • Hands-on experience deploying to cloud environments (AWS, Azure, GCP) and/or federal on-prem/private cloud environments.
  • Familiarity with NIST, FedRAMP, Zero Trust, and common federal security control families (access control, configuration management, incident response, audit & accountability).
  • Strong scripting and automation skills (Bash, Python, or similar).
  • Excellent communication skills with the ability to explain complex technical concepts to non-technical stakeholders.
Benefits
  • 401(k) matching
  • Competitive salary
  • Health insurance
  • Paid time off

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
GitLab CI/CDinfrastructure-as-codeTerraformAnsibleDockerKubernetesPythonJavaJavaScriptTypeScript
Soft skills
communicationcollaborationguidancetrainingproblem-solving