DevSecOps Engineer

Job ID: 2503775

Location: RESTON, VA, US

Date Posted: 2025-03-26

Category: Software

Subcategory: DevSecOps

Schedule: Full-time

Shift: Day Job

Travel: No

Minimum Clearance Required: TS/SCI with Poly

Clearance Level Must Be Able to Obtain: None

Potential for Remote Work: No

Description

SAIC, a leading provider of systems development & deployment, targeting & intelligence analysis, systems engineering & integration, and training capabilities and solutions for the Intelligence Community, is seeking creative and dedicated professionals to fulfill their career goals and objectives while delivering mission excellence on programs of national importance.

We are seeking a highly skilled and motivated DevSecOps Engineer to join our team. As a DevSecOps Engineer, you will integrate security practices into our DevOps processes, ensuring the development and deployment of secure applications. The ideal candidate will possess a strong background in both security and DevOps methodologies, with a passion for automating security processes and enhancing the overall security posture of our infrastructure and applications. This position is located in Reston, VA.

Job Responsibilities:

• Integrate security into the CI/CD pipeline, automating security controls and ensuring security is embedded throughout the development lifecycle.
• Collaborate with development, operations, and security teams to define and implement security best practices and standards.
• Conduct security assessments, vulnerability analysis, and penetration testing to identify and mitigate security risks.
• Develop and maintain secure infrastructure as code (IaC) scripts using tools like Terraform, Ansible, or CloudFormation.
• Implement and manage security tools and technologies such as SIEMs, IDS/IPS, firewalls, and endpoint protection.
• Monitor and respond to security incidents, performing root cause analysis and implementing corrective measures.
• Educate and train development and operations teams on secure coding practices and security tooling.
• Stay up to date with the latest security threats, trends, and technologies, and proactively address potential risks.
• Create and maintain documentation related to security policies, procedures, and standards.
• Participate in security audits and compliance initiatives to ensure adherence to industry regulations and standards.

Qualifications

Required Education:

• Bachelors and five (5) years or more experience; Masters and three (3) years or more experience; PhD and 0 years related experience.

Desired Education:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent work experience) preferred.

Required Qualifications:

• Minimum of 5 years of experience in DevOps, security engineering, or a related field.
• Strong understanding of security principles and best practices, including threat modeling, risk assessment, and vulnerability management.
• Proficiency with DevOps tools and practices, including CI/CD pipelines, containerization (Docker, Kubernetes), and version control systems (Git).
• Experience with security tools such as OWASP ZAP, Burp Suite, Nessus, Metasploit, or similar.
• Solid understanding of cloud security concepts and experience with cloud platforms (AWS, Azure, Google Cloud).
• Strong scripting and automation skills using languages such as Python, Bash, or PowerShell.
• Excellent problem-solving skills and the ability to think critically about potential security issues and solutions.
• Effective communication and collaboration skills, with the ability to work cross-functionally and educate team members.
• Relevant certifications such as CISSP, CEH, OSCP, AWS Certified Security - Specialty, or similar are preferred.

Desired Qualifications:

• Experience with compliance frameworks and standards such as ISO 27001, NIST, SOC 2, or GDPR.
• Familiarity with security orchestration, automation, and response (SOAR) solutions.
• Prior experience in a DevSecOps role or similar security-focused DevOps position.

Clearance:

SAIC accepts applications on an ongoing basis and there is no deadline.

Covid Policy: SAIC does not require COVID-19 vaccinations or boosters. Customer site vaccination requirements must be followed when work is performed at a customer site.