[Hiring] DevSecOps/Cloud Engineer @Simple Technology Solutions

Role Description

Simple Technology Solutions is looking for a DevSecOps/Cloud Engineer to join a federal data engineering team. You will own the deployment infrastructure and security controls for a large-scale federal cloud platform on AWS, keeping mission-critical systems running securely and reliably. A passion for automation, rigorous security discipline, and meticulous compliance with federal deployment standards are prerequisites for this position. This position is contingent upon contract award.

• Design, build, and maintain the program's CICD pipeline using AWS CloudFormation templates and GitHub.
• Automate deployments to staging and production environments ensuring all deployments execute with a single command and trigger AWS Service Catalog product launches to create Lambda functions, SNS topics, and Glue jobs.
• Enforce Immutable Architecture principles across all ETL deployments.
• Use deployment tools, CloudWatch logging, and other approved methods to ensure production and configuration environments remain consistent and controllable.
• Implement and maintain Zero Trust Architecture (ZTA) across the platform per federal Zero Trust mandates.
• Configure and maintain IAM roles, network controls, and application-layer security controls across development, staging, and production environments.
• Integrate automated security scanning into the CICD pipeline — including SAST, OWASP ZAP dynamic scanning, dependency analysis, and government-provided container analysis tools.
• Ensure security scans are completed at least once per sprint and included in the Definition of Done for every user story; document and explain all false positives.
• Manage AWS Secrets Manager for ETL metadata database credentials; ensure certificates and credential configurations are valid and accessible across all environments.
• Conduct periodic load and performance testing; collaborate with the IV&V team to resolve findings.
• Manage the Change Control Board (CCB) submission process; ensure Change Requests are submitted within required timelines and project closeout checklists are completed following successful production deployments.
• Support disaster recovery exercises and actual events to ensure production data loads continue as expected; maintain runbooks and operational procedures.
• Ensure compliance with FISMA, NIST 800-53, OWASP ASVS Level 2, federal software supply chain security requirements, and the Trusted Internet Connections (TIC) Initiative.
• Maintain alignment with agency cloud well-architected principles, S3 standards, and zone-level ingestion rules across all deployed infrastructure.
• Provide pre-production support including deployments and data loads in lower environments; maintain the performance metrics dashboard with real-time data.
• Participate in 2-week sprint ceremonies, quarterly PI planning, and agile delivery using JIRA and GitHub.

Qualifications

• Bachelor's degree or higher in Computer Science, Information Systems, Cybersecurity, or a related field.
• 4+ years of experience in DevSecOps, cloud engineering, or platform engineering on AWS.
• Hands-on experience with AWS CloudFormation, Infrastructure-as-Code deployments, and AWS Service Catalog in a FedRAMP-authorized environment.
• Direct experience with AWS services: Lambda, Glue, S3, CloudWatch, Secrets Manager, SNS, SQS, EventBridge, Step Functions, EC2, and EMR.
• Experience building and maintaining CI/CD pipelines using GitHub Actions or GitLab CI with branch-based deployment models.
• Demonstrated knowledge of Zero Trust Architecture and experience implementing ZTA on AWS per federal mandates.
• Experience with OWASP ZAP, SAST tools, dependency analysis, and container security scanning integrated into CI/CD pipelines.
• Experience with IAM role management, Secrets Manager credential patterns, and certificate management across multi-environment setups.
• Knowledge of FISMA, NIST 800-53, and the federal SDLC/ATO process; federal agency experience strongly preferred.
• Familiarity with Immutable Architecture principles and single-command deployment standards.
• Experience with agile sprint-based delivery, JIRA, GitHub, and CCB process management.
• Must be able to work 8am-5pm Eastern Time regardless of home location; availability for on-call rotation required.
• Active federal public trust suitability determination or ability to obtain one required.

Benefits

• Flexibility to help team members thrive personally and professionally.
• Special incentives for team members living in qualified HUBZones.