DevSecOps Engineer

The work

As a DevSecOps Engineer, you will play a pivotal role in advancing operational AI adoption by implementing and maintaining secure, automated CI/CD pipelines within a modern Hub-and-Spoke architecture

Key responsibilities:

• Collaborate with AI, data engineering, platform engineering, and cybersecurity teams to support secure and scalable software delivery
• Support the integration of operational AI systems within a modern Hub-and-Spoke architecture
• Ensure deployment security and observability across mission applications and enterprise AI governance platforms
• Troubleshoot and resolve issues related to CI/CD, security automation, and Kubernetes infrastructure
• Contribute to the development and enforcement of DevSecOps best practices and standards
• Design, build, and maintain distributed data processing pipelines to support operational AI adoption
• You will leverage observability platforms and mission-focused operational workflows to ensure continuous delivery and rapid response to evolving security requirements
• Your expertise will contribute directly to the integration of AI, DevSecOps, and cybersecurity practices, enabling the organization to accelerate software delivery while maintaining robust security and compliance standards
• Your responsibilities will include integrating security scanning, SBOM generation, and automated compliance checks into the software delivery lifecycle, ensuring the integrity and security of the software supply chain
• You will be tasked with hardening Kubernetes environments, managing deployment security, and supporting continuous monitoring for mission-critical applications
• The position requires close collaboration with platform engineering, data engineering, and cybersecurity teams to deliver scalable, compliant, and resilient solutions that support enterprise AI governance and agentic AI systems

Here’s what you need:

• Experience designing, implementing, and maintaining secure CI/CD automation pipelines using GitLab CI/CD, ArgoCD, and OpenShift.
• Experience generating and managing SBOMs (Software Bill of Materials) for all deployed applications
• Experience with automating compliance checks and reporting to support ATO package creation and continuous monitoring
• Experience with hardening Kubernetes clusters and container environments to meet enterprise security standards. Implement and manage container security solutions, including image signing and verification with Cosign

Nice to have:

• Experience with tools such as GitLab CI/CD, Trivy, Grype, Semgrep, Cosign, OpenSCAP, and ArgoCD, as well as familiarity with Kubernetes, OpenShift, and Azure TS network environments
• Exposure to automated compliance pipelines, ATO package preparation, and container security best practices will be highly beneficial
• Experience integrating security scanning tools (Trivy, Grype, Semgrep, OpenSCAP) into automated pipelines to ensure software supply chain integrity

Eligibility requirements:

• US Citizen
• An active TS/SCI clearance is required