sprymethods - DevSecOps Engineer

Washington, DC (Remote) - Hybrid1w ago

In Office NA Cybersecurity Cloud Computing DevOps Engineer Terraform Git Ansible Docker Kubernetes Helm AWS Bash Python Documentation Sprint Planning

Requirements

• Five years of experience in DevSecOps, infrastructure automation, or continuous integration and continuous delivery (CI/CD) pipeline engineering. • Hands-on experience with Terraform and OpenTofu, including modules, remote state, and workspace management. • Proficiency with Ansible, including playbooks, roles, inventories, and secrets handling. • Demonstrated experience designing and maintaining GitHub Actions workflows. • Working knowledge of Docker, Kubernetes, Helm, and container security scanning tools. • Familiarity with SAST tools, secrets scanning, policy-as-code frameworks, and Git-based workflows. • Active Top Secret clearance. • Experience in regulated or federal environments. • Familiarity with National Institute of Standards and Technology (NIST) Special Publication 800-53, the Federal Information Security Modernization Act (FISMA), and Federal Risk and Authorization Management Program (FedRAMP) compliance requirements. • Amazon Web Services (AWS) cloud platform experience. • Experience with secrets management tools such as HashiCorp Vault, plus Python and Bash scripting.

Responsibilities

• The DevSecOps Engineer supports infrastructure automation, configuration management, continuous integration and continuous delivery (CI/CD) workflows, containerized delivery, and secure software delivery practices in a hybrid cloud environment. This role is intended to extend and mature existing engineering capabilities rather than build a new operating model from scratch. • Maintain, extend, and improve infrastructure-as-code repositories using Terraform and OpenTofu. • Develop and maintain configuration-as-code assets using Ansible. • Build, maintain, and improve GitHub Actions workflows for build, test, scanning, and deployment automation. • Support containerized delivery using Docker and Kubernetes, including manifests, Helm charts, role-based access control (RBAC), and image hardening and scanning. • Integrate security practices into delivery pipelines, including static application security testing (SAST), secrets scanning, policy-as-code, and compliance hardening. • Participate in stand-ups, sprint planning, technical reviews, peer reviews, and documentation updates.