DevSecOps Engineer, Staff

Overview:

AMERICAN SYSTEMS is an employee-owned federal government contractor supporting national priority programs through our strategic solutions in the areas of Information Technology, Test & Evaluation, Program Mission Support, Engineering & Analysis, and Training.

Responsibilities:

The DevSecOps Engineer will design, implement, and maintain secure, automated

software delivery pipelines in support of U.S. defense acquisition programs. This role

requires strong Linux expertise, hands-on experience with modern DevSecOps practices, and a solid understanding of DoD acquisition environments, processes, and security requirements. You will collaborate with development, security, and operations teams to ensure mission-critical systems are built, tested, and deployed securely and reliably.

Key Responsibilities

DevSecOps & Automation

Design, implement, and maintain CI/CD pipelines (e.g., GitLab CI, GitHub Actions, Jenkins, Azure DevOps) to automate build, test, security scanning, and deployment processes.

Integrate security tools (SAST, DAST, SCA, container scanning, secret detection) into the pipeline and enforce “shift-left” security practices.

Develop and maintain Infrastructure as Code (IaC) using tools such as Terraform, Ansible, Helm, or CloudFormation.

Implement and manage configuration management and environment provisioning for development, test, staging, and production environments.

Linux & Platform Engineering

Administer and harden Linux-based systems (RHEL, CentOS, Rocky, Ubuntu, or similar) in accordance with DoD security standards (e.g., STIGs, CIS Benchmarks).

Manage system services, networking, access controls, logging, and system monitoring on Linux platforms.

Troubleshoot performance, reliability, and security issues on Linux servers, containers, and virtual machines.

Build and maintain containerized workloads (Docker/Podman) and orchestrated environments (Kubernetes/OpenShift or similar).

Security & Compliance

Implement and maintain security controls in line with DoD and federal requirements (e.g., RMF, NIST SP 800-53, NIST 800-171, CMMC).

Support Authority to Operate (ATO) activities by producing required DevSecOps and system artifacts (e.g., pipeline documentation, security test results, configuration baselines).

Collaborate with ISSOs, security engineers, and program managers to ensure continuous compliance and vulnerability remediation.

Implement monitoring, alerting, and logging solutions (e.g., ELK/EFK, Splunk, Prometheus/Grafana) to support security operations and incident response.

Defense Acquisition Support

Work within the constraints and requirements of DoD acquisition lifecycle frameworks (e.g., DoDI 5000 series, DoD 5000.02, Adaptive Acquisition Framework).

Align DevSecOps practices with program milestones, deliveries, and documentation expectations (e.g., CDR, TRR, test events, fielding).

Participate in technical reviews, risk assessments, and planning sessions with program stakeholders and government customers.

Provide technical input to acquisition artifacts such as System Engineering Plans, Test Plans, and Cybersecurity Strategies.

Collaboration & Technical Leadership

Partner with developers, system engineers, cybersecurity, and program management to define secure architecture patterns and deployment strategies.

Champion DevSecOps best practices, secure coding standards, and continuous improvement across the team.

Mentor junior engineers and contribute to internal standards, templates, and playbooks.

Qualifications:

3-5 years experience in classified or air-gapped environments and with cross-domain or

disconnected DevSecOps workflows.

Secret Clearance REQUIRED.

Hands-on experience with:

DoD Enterprise DevSecOps platforms (e.g., Platform One, Iron Bank, relevant containers registries)

Secrets management tools (e.g., HashiCorp Vault, AWS Secrets Manager, Key Management Systems)

Cloud platforms (AWS, Azure, GCP) and hybrid/multi-cloud environments in a government context (e.g., IL4/IL5, GovCloud).

Relevant certifications, such as:

Security+ CE, CISSP, CASP+, or other DoD 8570/8140 certifications Red Hat (RHCSA/RHCE), Linux Foundation (CKA/CKAD), or similar DevOps/Cloud certifications (e.g., AWS/Azure DevOps Engineer, CNCF).

Experience with Agile/Scrum or SAFe in defense programs.

Strong written and verbal communication skills, including the ability to document architectures, pipelines, and security controls clearly for technical and non-technical stakeholders.

Ability to work collaboratively in a multi-disciplinary, multi-contractor environment.

Demonstrated problem-solving skills and ownership mindset in highly regulated,

mission-critical contexts.