DevSecOps Specialist

MTSI is seeking an adaptable and skilledDevSecOps Specialist to support an advanced air platform program. This role emphasizes integrating security practices into the development and operations lifecycle while delivering automated, scalable, and secure solutions that meet mission-critical objectives. As a member of the team, you will play a pivotal role in enabling fast, secure development, collaboration, and deployment processes for advanced defense systems.

Responsibilities

• DevSecOps Pipeline Development:
• Design, maintain, and optimize Continuous Integration/Continuous Deployment (CI/CD) pipelines to ensure secure and efficient development workflows.
• Automate testing, security validation, and deployment processes within development pipelines.
• Security Integration:
• Embed security controls, tools, and practices (e.g., SAST, DAST, vulnerability scanners) into the DevSecOps lifecycle to ensure compliance with DoD standards.
• Implement and manage secure coding frameworks, encryption practices, and zero-trust architectures for mission-critical applications.
• Systems and Application Development Support:
• Collaborate with developers to integrate DevSecOps tools that enhance system performance, security, and reliability across air platform mission systems.
• Configure secure containerized environments using Kubernetes, Docker, and other orchestration tools for real-time system operations.
• Automation and Monitoring:
• Develop automated processes for infrastructure provisioning and application monitoring via Infrastructure as Code (IaC) (e.g., Terraform, Ansible).
• Maintain observability through monitoring dashboards and alerting systems to ensure system performance and compliance.
• Compliance and Governance:
• Ensure systems align with DoD frameworks such as RMF (Risk Management Framework), NIST Cybersecurity Framework, and CMMC standards.
• Maintain documentation for DevSecOps configurations, pipelines, and security validations, ensuring transparency across teams.
• Collaboration in an IPT Framework:
• Work within an Integrated Product Team (IPT) to coordinate development and security practices with software engineers, systems architects, and program stakeholders.
• Provide technical expertise to streamline processes and ensure alignment with mission-critical requirements.

Qualifications

Required

• Bachelor's degree in Computer Science, Software Engineering, Cybersecurity, or a related technical field.
• 7+ years of experience in DevSecOps or related roles with a strong focus on automation, CI/CD pipelines, and secure development practices.
• Proficiency in DevSecOps tools such as Jenkins, GitLab CI, Docker, Kubernetes, Terraform, or Ansible.
• Experience with integrating and managing security tools such as SonarQube, Nessus, OpenSCAP, or Aqua Security.
• Familiarity with DoD cybersecurity protocols and frameworks (e.g., RMF, CMMC, NIST SP 800-171).
• Sound knowledge of scripting languages (e.g., Python, Bash) for developing automation and monitoring workflows.
• Must possess an active Top Secret clearance with eligibility for SCI.

Desired

• 12+ years of experience in DevSecOps or related roles with a strong focus on automation, CI/CD pipelines, and secure development practices.
• Certifications that demonstrate expertise in DevSecOps and secure software development:
• DevSecOps Foundation Certification (DSOF) - DevOps Institute
• AWS Certified Security - Specialty - For secure cloud-based architectures.
• Certified Kubernetes Security Specialist (CKS) - For containerized environments and Kubernetes security.
• Certified Secure Software Lifecycle Professional (CSSLP) - (ISC)
• CompTIA Security+ - Foundational cybersecurity certification.
• Certified Information Systems Security Professional (CISSP) - Critical for cybersecurity integration in DevSecOps solutions.
• Certified Terraform Associate - For secure Infrastructure as Code automation.
• Experience deploying applications on hybrid cloud environments, including AWS GovCloud or Microsoft Azure Government.
• Familiarity with Zero Trust architectures, microservices, and API security.
• Strong collaboration and communication skills when working within cross-functional teams.

#LI-CH1

#LI-Onsite

#Dragons

#Skyline

#Yellowhammer