DevSecOps Engineer

Job Title: DevSecOps Engineer
Location: Raleigh, NC / Remote
Duration: Long-term (12+ Months)
Must be able to obtain a Security Clearance

Description:
Seeking a DevSecOps Engineer to strengthen our software development lifecycle by embedding security practices into every stage of delivery. This role will work across development, operations, and security teams to ensure applications and infrastructure are secure, compliant, and resilient, while maintaining speed and efficiency in deployment.
The ideal candidate will be responsible for streamlining our development and operational processes, ensuring efficient deployment and management of applications in cloud environments. This role requires a strong understanding of cloud computing, IT infrastructure, and software development practices. You will work closely with development teams to implement CI/CD pipelines, manage cloud resources, and enhance system performance.

Key Responsibilities:
Design, implement, and maintain secure CI/CD pipelines with automated security checks.
Integrate application security testing tools (SAST, DAST, SCA) into development workflows.
Collaborate with developers to enforce secure coding practices.
Secure Coding Standards enforced during development.
Static and Dynamic Application Security Testing (SAST/DAST), integrated into pipelines.
Automate compliance checks, code analysis in CI/CD Pipelines.
Hands on experience with Jenkins, GitLab CI/CD, Azure DevOps, or CircleCI to embed security checks.
Deep knowledge of AWS, Azure, or Google Cloud Platform security services and configurations.
Experience securing Docker and Kubernetes workloads.
Proficiency in languages like Python, Java, to automate security tasks.
Familiarity with Terraform, Ansible, or CloudFormation, with emphasis on secure configurations.
Collaborate with software developers and IT staff to oversee code releases and deployments.
Design and implement scalable cloud architecture using platforms such as AWS, Google Cloud Platform, or Azure.
Manage containerization technologies such as Docker and orchestration tools like Kubernetes.
Utilize Infrastructure as Code (IaC) tools like Ansible for automated provisioning of infrastructure.
Ensure system reliability through monitoring, logging, and alerting using tools like Jenkins and Git.
Develop RESTful APIs and microservices to facilitate communication between applications.
Maintain databases including MySQL, PostgreSQL, Oracle, and Microsoft SQL Server.
Participate in Agile development processes to improve software delivery cycles.
Troubleshoot issues across the application stack from front-end to back-end services.
Manage and secure cloud environments (AWS, Azure, Google Cloud Platform) and containerized workloads (Docker, Kubernetes).
Implement Infrastructure as Code (IaC) with secure configurations using Terraform, Ansible, or CloudFormation.
Monitor and respond to security incidents, leveraging SIEM tools and observability platforms.
Ensure compliance with industry standards and regulations (ISO 27001, NIST, GDPR, HIPAA, PCI DSS).
Provide training and guidance to teams on DevSecOps best practices.

Qualifications:
Bachelor s degree in Computer Science, Cybersecurity, or related field (or equivalent experience).
Proven experience in DevOps, Security Engineering, or Cloud Security.
Strong knowledge of CI/CD tools (Jenkins, GitLab CI/CD, Azure DevOps).
Hands on experience with cloud platforms (AWS, Azure, Google Cloud Platform).
Proficiency in programming/scripting languages (Python, Java).
Familiarity with containerization and orchestration (Docker, Kubernetes).
Experience with security automation tools and vulnerability management.
Experience with AWS & Azure & the development of tools and processes to drive DevSecOps maturity by automating builds, regression testing, monitoring, and pushing releases across environments.
Experience with troubleshooting, triaging, and resolving issues in CI/CD pipeline failures or latency.
Experience with developing enterprise cloud-native platforms using Kubernetes, Docker, or CI/CD tools, including GitHub Actions or GitLab CI/CD.
Experience with employing an Infrastructure as Code (IaC) approach to managing cloud environments.
Experience with creating and improving automation scripts across multiple technical stacks using Python.
Experience with troubleshooting and resolving issues related to both open source and commercial tools in public cloud environments.
Experience in working with GitOps tools (Flux, ArgoCD).
CKAD or CKA Certification.
AWS Certification, including Solutions Architect, DevOps Engineer, Networking, or Security.
Security Engineering or Cyber Engineering Certification, including Security+.
Proficiency in scripting languages.
Experience with virtualization technologies including VMware and OpenStack.
Familiarity with service-oriented architecture (SOA) principles and web services (SaaS, PaaS).
Knowledge of NoSQL databases as well as SQL-based systems.
Understanding of DevOps methodologies including CI/CD practices.
Experience with configuration management tools.

Preferred Certifications:
Certified DevSecOps Professional (CDP)
Certified Kubernetes Security Specialist (CKS)
AWS/Azure/Google Cloud Platform Security Certifications

Additional Required Skills/Experience:
A minimum of Eight (8) years relevant experience.
A degree from an accredited College/University in the applicable field of services is required. If the individual's degree is not in the applicable field then four additional years of related experience is required.
Typically performs all functional duties independently.
Note: Special credentials (licenses and/or certifications) may be required at the Task Order level on a case-specific basis."

About IDEXCEL, INC
Idexcel is an IT services organization, with a mission to bring great people and great organizations together. Our diverse client base represents a wide range of industries, including technology, telecom, insurance, healthcare, manufacturing, banking & financial services, food & commodities trading and federal organizations. Our teams of experienced recruiters directly work with client companies seeking exceptional people to help with their business initiatives. Idexcel, Inc. is an Equal Opportunity Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, disability, military status, national origin or any other characteristic protected under federal, state, or applicable local law.