DevSecOps Engineer
Indexed description
Job Description:
Our Reston, VA office is seeking a DevSecOps Engineer to help secure and improve software delivery across the enterprise. This role focuses on embedding security, quality, compliance, and software supply-chain controls into CI/CD workflows while partnering with software development, cybersecurity, platform engineering, systems engineering, and program teams.
This is an engineering role, not a pure governance or vulnerability-management position. The DevSecOps Engineer will work across Azure DevOps Server, Nexus, SonarQube, Kubernetes/K3s deployment workflows, artifact controls, and secure release patterns to help teams deliver software securely and reliably.
Occasional after-hours/weekend maintenance and emergency response may be required.
Key Responsibilities:
Secure CI/CD & Release Workflows
- Design, implement, and improve secure CI/CD patterns in Azure DevOps, including reusable YAML templates, quality gates, artifact controls, and release safeguards
- Support secure release workflows across development, test, integration, staging, and production environments
- Troubleshoot pipeline failures, permissions issues, dependency problems, scan failures, and release blockers
- Integrate security and quality checks into build and release workflows, including SAST, SCA, dependency scanning, secrets scanning, code-quality gates, container scanning, and artifact validation
- Support tools such as Nexus, SonarQube, Azure DevOps artifacts, and related code-quality or artifact-management platforms
- Partner with cybersecurity to align CI/CD controls with SSP, RMF, NIST, CMMC, STIG, Zero Trust, audit, and program requirements
- Partner with platform engineering on secure Kubernetes/K3s deployment standards, including namespaces, RBAC, ServiceAccounts, Helm, ingress, TLS, storage, quotas, and workload security
- Create documentation, examples, runbooks, and onboarding materials for secure pipeline and deployment workflows
- Track recurring developer pain points, pipeline health, scan outcomes, release blockers, and control gaps; turn findings into automation, templates, documentation, or improved guardrails
- 5+ years of experience in DevOps, DevSecOps, platform engineering, software delivery, systems engineering, or a closely related technical role
- Hands-on experience with Azure DevOps pipelines, YAML, build/release workflows, repositories, artifacts, permissions, or agent-based builds
- Experience implementing security, quality, or compliance controls in CI/CD workflows
- Experience with secure software delivery practices such as SAST, SCA, dependency scanning, secrets handling, code-quality gates, artifact controls, or container scanning
- Experience troubleshooting CI/CD failures, build issues, deployment problems, permissions issues, or dependency-related errors
- Experience with Kubernetes, K3s, containers, Helm, or similar deployment technologies
- Experience with scripting or automation using PowerShell, Bash, Python, or similar languages
- Ability to write clear technical documentation, runbooks, onboarding guides, and troubleshooting procedures
- Eligible to obtain and maintain a U.S. security clearance
- Willing and able to work in regulated, secure, or compliance-bounded environments
- Active U.S. security clearance
- Experience with Azure DevOps Server
- Experience integrating or administering Nexus, SonarQube, or similar artifact and code-quality platforms
- Experience with SBOM generation, SCA, container scanning, artifact signing, provenance, or software supply-chain security
- Experience with policy-as-code, OPA/Gatekeeper, Kubernetes admission controls, or secure workload policies
- Experience with Infrastructure-as-Code or Configuration-as-Code practices using Terraform, Ansible, Bicep, CloudFormation, or similar tools
- Experience with Prometheus, Grafana, Loki, or similar observability platforms
- Experience in defense contracting, government programs, CMMC, NIST 800-171, RMF, STIGs, or other compliance-driven environments
Perks and Benefits
- Medical, Dental and Vision Insurance
- Accompanying FSA and HSA options
- Additional Voluntary Benefits
- Paid Time Off
- 9 Observed Holidays and 2 Floating Holidays
- Paid Parental Leave
- Military Leave
- Tuition Reimbursement
- Professional Development Reimbursement
- Annual Salary Reviews
- Profit Sharing
- 401(k) Traditional and Roth Options
- Gym and Fitness Reimbursement
- Employee Assistance Program
- Employee Referral Program
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search