[Hiring] DevSecOps Engineer @DecisionPoint | Cortek

Role Description

DecisionPoint seeks a DevSecOps Engineer (CMS) to lead continuous integration, delivery, and security automation for an enterprise-level case management solution supporting Department of Defense mission partners. The role focuses on establishing and maintaining secure, scalable CI/CD pipelines, containerized environments, and infrastructure as code (IaC) within AWS GovCloud Impact Level (IL) 2, 4, and 5 environments. The DevSecOps Engineer will collaborate across engineering, cybersecurity, and development teams to ensure the system’s architecture adheres to federal cybersecurity mandates, integrates with continuous monitoring tools, and achieves full lifecycle automation. This position is fully remote.

Duties & Responsibilities

• Design, implement, and maintain CI/CD pipelines supporting build, test, and deployment automation for all environments.
• Develop and manage containerized application deployments using Docker and Kubernetes within AWS GovCloud.
• Implement Infrastructure as Code (IaC) using Terraform or CloudFormation to automate provisioning and configuration management.
• Integrate automated security scans and compliance checks aligned with DoD Risk Management Framework (RMF) and DISA STIG baselines.
• Support continuous monitoring and logging through AWS CloudWatch, GuardDuty, and third-party vulnerability management tools (e.g., Nessus, ACAS).
• Collaborate with development and cybersecurity teams to ensure secure code practices and adherence to Zero Trust architecture principles.
• Develop and maintain DevSecOps plans, playbooks, and standard operating procedures that document secure build and deployment processes.
• Lead performance tuning, scalability planning, and proactive incident response for CI/CD infrastructure.
• Manage code repositories in AWS CodeCommit, ensuring secure branching, versioning, and release management.
• Coordinate with system administrators to optimize network, storage, and compute resources supporting the CI/CD pipeline.
• Participate in Agile ceremonies to plan, execute, and review DevSecOps sprint deliverables.
• Support system authorization activities, including documentation for ATO compliance under DoDI 8510.01 (RMF).

Qualifications

• Must hold an active Secret clearance.
• Bachelor’s degree in Computer Science, Information Technology, Engineering, or related field.
• Minimum 7 years of experience in DevSecOps, software automation, or cloud infrastructure engineering.
• Demonstrated experience supporting secure cloud-based development environments within AWS GovCloud or DoD-accredited platforms.
• Strong knowledge of CI/CD tools such as Jenkins, GitLab CI, or AWS CodePipeline.
• Proficiency with containerization and orchestration (Docker, Kubernetes, Helm).
• Experience with IaC tools such as Terraform or AWS CloudFormation.
• Familiarity with Zero Trust, RMF, and DISA STIG compliance.
• Hands-on experience with monitoring and alerting tools (CloudWatch, ELK Stack, Prometheus).
• Scripting proficiency in Python, Bash, or PowerShell.
• Experience integrating static code analysis, dependency scanning, and vulnerability management into build pipelines.

Certifications (Preferred)

• AWS Certified DevOps Engineer – Professional.
• CompTIA Security+ CE or equivalent DoD 8570 certification.
• Certified Kubernetes Administrator (CKA) or Docker Certified Associate (DCA).

Skills

• Strong collaboration skills across multidisciplinary teams.
• Ability to balance performance, scalability, and security in automated deployments.
• Excellent troubleshooting, problem-solving, and analytical skills.
• Effective communication skills for both technical and executive audiences.