[Hiring] DevSecOps Engineer @GeoDelphi

Role Description

We are seeking a highly experienced Senior DevSecOps Engineer to join our team and play a key role in strengthening our cybersecurity posture and supporting federal compliance requirements.

This position involves:

• Designing, implementing, and maintaining secure CI/CD pipelines aligned with DoD Enterprise DevSecOps Reference Design (DSOP).
• Automating deployment of secure environments using Terraform, Ansible, or CloudFormation for DoD or FedRAMP-compliant systems.
• Integrating static code analysis (SAST), dynamic testing (DAST), container scanning, and various security toolsets within pipelines to enforce continuous compliance.
• Implementing and managing DoD STIGs, DISA baselines, and RMF controls in Infrastructure as Code (IaC).
• Translating DoD security controls into automated enforcement and validation within development pipelines.
• Developing scripts and tools for compliance validation (e.g., OpenSCAP, Chef InSpec, PowerSTIG).
• Helping co-develop & maintain technical documentation for RMF authorization and continuous monitoring processes.
• Implementing and managing DevSecOps tools such as GitLab, Jenkins, ArgoCD, Harbor, Nexus, SonarQube, Anchore, etc.
• Automating container security and orchestrating deployments using Kubernetes.
• Managing secret storage, credential rotation, and logging using Vault, DoD-approved KMS, or AWS Secrets Manager.
• Working closely with security, development, and operations teams to ensure alignment with DoD RMF, NIST SP 800-53, and/or FedRAMP.
• Collaborating with Information System Security Officers (ISSOs), Information Systems Security Managers (ISSMs), and Security Control Assessors for ATO package development.
• Serving as an internal primary subject matter expert in federal compliance standards and cybersecurity practices.

Qualifications

• Bachelor’s degree in Computer Science or related field (or equivalent experience).
• 7+ years of hands-on experience with DevSecOps in AI/ML or data-intensive systems.
• Familiarity with OpenShift or Kubernetes security hardening.
• Knowledge of Zero Trust Architecture (ZTA) concepts.
• Proven experience managing and driving successful ATO processes.
• Expertise with DevSecOps tools, practices, and frameworks.
• Strong understanding of federal security compliance standards (e.g., NIST 800-53, RMF, FedRAMP).
• Hands-on experience with cloud environments (AWS, Azure, or GCP) and containerization (Docker, Kubernetes).
• Strong scripting and automation skills (Python, Bash, or similar).
• Excellent leadership, communication, and documentation abilities.
• Active security clearance or eligibility to obtain one.

Desired Skills

• Previous experience directly supporting government contracting or federal agencies.
• Relevant certifications such as: Certified Kubernetes Administrator (CKA), AWS Certified Security or DevOps Engineer, HashiCorp Certified Terraform Associate.

Benefits

• Medical, Dental, and Vision plans
• Unlimited PTO ⎯ Federal Holiday Paid Leave
• 12 weeks of paid Parental Leave
• Employer paid STD/LTD
• Employer Paid Life Insurance
• 401K plan and Employer Match
• Professional Development Assistance
• Equity Incentive Plan