Senior DevSecOps Engineer

Description

We are seeking a highly skilled and motivated Senior DevSecOps Engineer with proven experience leading Agile teams. The selected candidate will play a critical role in designing, developing, and implementing DevSecOps practices and tools to enable efficient and secure software delivery pipelines. This position requires strong leadership skills, an in-depth understanding of cloud technologies, security, and Agile frameworks, as well as hands-on expertise in automated software delivery and deployment.

The ideal candidate will be passionate about fostering collaboration, driving innovation through automation, ensuring security is embedded throughout the SDLC (Secure Software Development Lifecycle), and mentoring cross-functional teams in an Agile environment.

Key Responsibilities:

• Establish, maintain, and enforce DevSecOps best practices throughout the software development lifecycle (SDLC).
• Evaluate, integrate, and maintain DevSecOps tools and technologies to build and improve automated CI/CD pipelines.
• Lead Agile teams by facilitating daily stand-ups, sprint planning, reviews, retrospectives, and other Agile ceremonies.
• Ensure that security is a top priority in the design, implementation, and delivery of all development projects.
• Collaborate across teams, including software developers, security engineers, and IT operations, to ensure seamless integration of security practices within workflows.
• Drive team collaboration and communication, fostering a culture of innovation, accountability, and continuous improvement.
• Provide mentorship to development team members on DevSecOps practices, tooling, and Agile methodologies.
• Generate reports and provide updates to leadership on project progress, risks, and implemented security measures.

Qualifications

•  Bachelors and nine (9) years or more experience; Masters and seven (7) years or more experience ; PhD or JD.
• Active Secret-level security clearance and Security+ certification are mandatory.
• At least 8 years of experience in software development, DevOps, or IT operations.
• Minimum of 3 years of leadership experience in an Agile environment, with a proven track record in leading cross-functional teams.
• Strong understanding of Agile methodologies such as Scrum, Kanban, and SAFe.
• Expertise in building and managing CI/CD pipelines with tools such as Jenkins, GitLab CI/CD, or similar.
• Hands-on experience with infrastructure as code (IaC) tools such as Terraform.
• Strong hands-on experience with Kubernetes, container technologies (e.g., Docker), and managing workloads within those platforms.
• Comprehensive understanding of CI/CD pipeline stages (e.g., build, test, security scan, deployment) and best practices for automation.
• Knowledge and experience working in secure environments, specifically Impact Level 6 (IL6) or similarly controlled environments, with a strong understanding of DoD or equivalent compliance frameworks.
• Proficiency in tools for security automation.
• Image Scanning Tools (e.g., Anchore).
• Static Code Analysis Tools (e.g., SonarQube).
• Software Signing Tools (e.g., Cosign) for image and binary integrity verification.
• Hands-on experience with container hardening and vulnerability remediation.
• Build and manage Kubernetes clusters in development, testing, and production environments.
• Proficiency with cloud platforms such as AWS, and container orchestration tools like Kubernetes or Docker.
• In-depth knowledge of secure software development practices and frameworks, including threat modeling, security automation, and vulnerability management.
• Experience with version control systems such as Git and artifact repositories like Artifactory or Nexus
  and four (4) years or more experience.

Target salary range: $120,001 - $160,000. The estimate displayed represents the typical salary range for this position based on experience and other factors.