Role Description
Build the secure delivery engine of a mission-critical Department of Veterans Affairs (VA) cloud platform. As a DevSecOps Engineer, you will design and maintain secure, automated Continuous Integration/Continuous Delivery (CI/CD) pipelines integrating security scanning and compliance controls across thousands of pipelines supporting hundreds of applications on Amazon Web Services (AWS) GovCloud.
The DevSecOps Engineer designs, implements, and maintains secure CI/CD pipelines integrating automated testing and security scanning into all build and release workflows.
Qualifications
-
1 year of experience in DevSecOps engineering
-
Bachelor's Degree in computer science, software engineering, information technology, or related field; AWS Certified DevOps Engineer - Associate (preferred)
Requirements
-
Excellent experience designing, implementing, and maintaining secure CI/CD pipelines (e.g., environment segregation across sandbox, staging, and production)
-
Excellent ability to integrate automated unit, integration, regression, performance, and security testing into all build and release workflows
-
Excellent experience implementing automated container image builds, tagging, signing, and vulnerability scanning
-
Excellent knowledge of Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and container scanning integration into pipelines
-
Excellent ability to implement and maintain Infrastructure as Code (IaC) using Terraform
-
Working knowledge of Kubernetes-based deployments and automated scaling in an Elastic Kubernetes Service (EKS) environment
-
Experience supporting a federal agency
-
Excellent verbal and written communication skills
Benefits
-
The annual projected pay range for this position is $63,576 - $106,960 with consideration being given to various factors including but not limited to qualifications, experience, job responsibilities, and geographic location.
-
Medical, dental, vision and prescription drug coverage for you and your family.
-
Life Insurance, short-term disability and long-term disability paid for by the Company.
-
Supplemental coverages including Accident, Critical Illness, and Hospital.
-
Additional Life insurance coverage for you and your dependents.
-
401k plan with various options to select based on your retirement goals.
Security
-
Active Federal Civilian Public Trust clearance
-
U.S. Citizenship or Permanent Resident that has lived in the United States for at least 3 years
-
Federal Civilian Public Trust consists of a review of up to but not limited to:
-
Covers 10 year period and in some instances lifetime events
-
OPM Security Investigations Index (SII)
-
DOD Defense Central Investigations Index (DCII)
-
National Agency Check (NAC) records
-
FBI name check
-
FBI fingerprint check
-
Credit report check
-
Written inquiries to previous employers and references listed on the application for employment
-
Potential interviews with the subject, spouse, neighbors, supervisor, coworkers
-
Law enforcement check
-
Court records check
-
Education check - Attendance and Degrees
Tasks/Activities
-
Designs, implements, documents, and maintains secure CI/CD pipelines aligned with approved design patterns supporting all assigned applications
-
Integrates automated unit, integration, regression, performance, and security testing into all build and release pipelines
-
Implements automated container image builds, tagging, signing, and vulnerability scanning
-
Ensures pipeline promotion enforces environment segregation
-
Integrates SAST, DAST, SCA, container scanning, and IaC scanning into pipelines
-
Ensures vulnerabilities are identified and remediated within defined timelines
-
Implements and maintains IaC for clusters, networking, identity, platform services, and cloud resources
-
Supports automated environment provisioning, scaling, and teardown
-
Collaborates with Product teams, Site Reliability Engineers (SREs), and Security teams to implement blue/green, canary, or rolling deployment strategies
-
Validates system readiness prior to production deployments
-
Validates post-deployment production testing to ensure capabilities and services are not degraded or disrupted following each release
-
Maintains version control, artifact repositories, and build traceability across all environments supporting auditability of all builds and configuration changes
-
Participates in Program Increment (PI) Planning, architecture reviews, and change management activities
-
Evaluates and implements improvements to automation and deployment efficiency