DevSecOps - Intermediate

Ashburn, VA, US • Posted 4 hours ago • Updated 4 hours ago
Full Time
On-site
Fitment

Dice Job Match Score™

✨ Finding the perfect fit...

Job Details

Skills

  • Tier 2
  • DoD
  • Security Clearance
  • DevSecOps
  • Scalability
  • Configuration Management
  • Patch Management
  • Inventory Management
  • Security Controls
  • Software Security
  • Testing
  • Vulnerability Scanning
  • Orchestration
  • Performance Monitoring
  • Hardening
  • Collaboration
  • Agile
  • Scrum
  • UPS
  • Sprint
  • Technical Writing
  • Auditing
  • Terraform
  • Ansible
  • Continuous Integration
  • Continuous Delivery
  • GitHub
  • Docker
  • Kubernetes
  • Oracle Policy Automation
  • Git
  • Version Control
  • Workflow
  • Change Management
  • Documentation
  • NIST SP 800 Series
  • FISMA
  • FedRAMP
  • Amazon Web Services
  • Cloud Computing
  • Management
  • Scripting
  • Python
  • Bash
  • Regulatory Compliance
  • Life Insurance
  • Law

Summary

POSITION TITLE: DevSecOps Engineer (Intermediate)

CLEARANCE REQUIREMENT: Must be eligible to obtain a Public Trust Tier 2 clearance or hold an active DoD security clearance

POSITION OVERVIEW: IMRI is seeking a motivated and technically proficient DevSecOps Engineer to support a hybrid cloud environment within a federal program. This role focuses on advancing secure infrastructure automation, enhancing CI/CD pipelines, and integrating security throughout the software delivery lifecycle. The ideal candidate will build upon an established DevSecOps framework-leveraging existing tools, standards, and processes-to improve automation, strengthen security posture, and support scalable, resilient application and infrastructure delivery.

KEY RESPONSIBILITIES:

Infrastructure Automation (IaC)
  • Maintain and enhance infrastructure as code using Terraform and OpenTofu
  • Develop modular, reusable configurations aligned with existing engineering standards
  • Manage state files, remote backends, and workspace configurations
  • Refactor legacy infrastructure code to improve performance, scalability, and maintainability
  • Execute infrastructure changes through approved change management processes

Configuration Management (CaC)
  • Develop and maintain Ansible playbooks and roles to automate system configuration and deployment
  • Support patch management, compliance enforcement, and infrastructure consistency across environments
  • Adhere to established role structures, variable conventions, and inventory management practices

CI/CD Pipeline Engineering
  • Build, maintain, and enhance GitHub Actions workflows for automated build, test, and deployment processes
  • Integrate security controls within pipelines, including:
    • Static application security testing (SAST)
    • Dependency and vulnerability scanning
    • Secrets detection
    • Policy-as-code validation
  • Ensure all pipeline changes follow peer review, version control, and approval workflows

Containerization & Orchestration
  • Support containerized application environments using Docker and Kubernetes
  • Develop and maintain Dockerfiles aligned with secure image build practices
  • Manage Kubernetes manifests and Helm charts to support application deployment and orchestration
  • Assist with cluster operations, including performance monitoring and troubleshooting
  • Ensure container images are scanned for vulnerabilities prior to deployment

Security Integration & Compliance
  • Integrate security practices across the development lifecycle (Shift-Left security)
  • Implement and support security scanning tools, including SAST, secrets scanning, and infrastructure security validation
  • Enforce infrastructure and container hardening standards aligned with CIS benchmarks and federal security baselines
  • Support compliance activities aligned with NIST SP 800-53, FISMA, and related frameworks
  • Produce audit-ready documentation to support assessments and compliance reviews

Collaboration & Engineering Practices
  • Work closely with cross-functional engineering teams in an Agile/Scrum environment, participating in stand-ups, sprint planning, and technical reviews
  • Follow established version control, peer review, and change management workflows
  • Ensure all updates to production systems are properly reviewed and approved through formal processes
  • Maintain clear and accurate documentation of changes to shared codebases, pipelines, and infrastructure

Key Deliverables
  • Infrastructure as Code modules and documentation
  • Ansible playbooks, roles, and execution logs
  • GitHub Actions workflow configurations and pipeline documentation
  • Dockerfiles, Kubernetes manifests, and Helm charts
  • Security scanning configurations and compliance documentation
  • Change logs and technical documentation supporting audit readiness

REQUIRED QUALIFICATIONS:
  • Hands-on experience with Terraform and/or OpenTofu, including module development and state management
  • Proficiency with Ansible, including playbooks, roles, and automation workflows
  • Experience designing and maintaining CI/CD pipelines using GitHub Actions
  • Working knowledge of Docker and Kubernetes for containerized environments
  • Familiarity with security tools and practices, including:
    • SAST tools (e.g., Semgrep, Checkov, tfsec or similar)
    • Secrets detection tools (e.g., Gitleaks, Detect-Secrets)
    • Policy-as-code frameworks (e.g., OPA/Rego)
  • Proficiency with Git-based version control, including branching, pull requests, and protected branch workflows
  • Experience working within structured change management and documentation processes

PREFERRED QUALIFICATIONS:
  • Experience supporting federal or highly regulated environments
  • Familiarity with NIST SP 800-53, FISMA, and FedRAMP compliance requirements
  • Experience working within AWS cloud environments
  • Familiarity with secrets management solutions such as HashiCorp Vault
  • Scripting experience in Python and/or Bash

IMRI offers top-tier benefits that include: medical coverage through nationally recognized carriers, ancillary coverages, paid vacation and sick leave in compliance with all state and local laws, 401(k) with company match, company paid life insurance and LTD, and several additional voluntary coverages.

Pay will be commensurate with the experience, skills, and qualifications that the candidate brings to the position.

Equal Employment Opportunity Statement

IMRI is an Equal Employment Opportunity employer. IMRI prohibits unlawful discrimination and harassment and provides equal employment opportunity to all applicants and employees consistent with applicable federal, state, and local laws. Employment decisions are based on qualifications, merit, business needs, and other lawful job-related factors without regard to race, color, religion, sex, national origin, age, disability, protected veteran status, genetic information, or any other characteristic protected by law. As a federal contractor, IMRI complies with Section 503 of the Rehabilitation Act and VEVRAA and takes affirmative action with respect to qualified individuals with disabilities and protected veterans as required by law.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: IMRICA
  • Position Id: 162b9e294d657197fafdec570786c9fb
  • Posted 4 hours ago
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Washington, District of Columbia

Today

Full-time

Washington, District of Columbia

Today

Full-time

Remote or Reston, Virginia

Today

Full-time

USD 108,476.00 - 184,409.00 per year

Remote or Reston, Virginia

Today

Full-time

USD 108,476.00 - 184,409.00 per year

Search all similar jobs