OverviewAMERICAN SYSTEMS is an employee-owned federal government contractor supporting national priority programs through our strategic solutions in the areas of Information Technology, Test & Evaluation, Program Mission Support, Engineering & Analysis, and Training.
ResponsibilitiesThe DevSecOps Engineer will design, implement, and maintain secure, automated
software delivery pipelines in support of U.S. defense acquisition programs. This role
requires strong Linux expertise, hands-on experience with modern DevSecOps practices, and a solid understanding of DoD acquisition environments, processes, and security requirements. You will collaborate with development, security, and operations teams to ensure mission-critical systems are built, tested, and deployed securely and reliably.
Key Responsibilities- DevSecOps & Automation
- Design, implement, and maintain CI/CD pipelines (e.g., GitLab CI, GitHub Actions, Jenkins, Azure DevOps) to automate build, test, security scanning, and deployment processes.
- Integrate security tools (SAST, DAST, SCA, container scanning, secret detection) into the pipeline and enforce "shift-left" security practices.
- Develop and maintain Infrastructure as Code (IaC) using tools such as Terraform, Ansible, Helm, or CloudFormation.
- Implement and manage configuration management and environment provisioning for development, test, staging, and production environments.
- Linux & Platform Engineering
- Administer and harden Linux-based systems (RHEL, CentOS, Rocky, Ubuntu, or similar) in accordance with DoD security standards (e.g., STIGs, CIS Benchmarks).
- Manage system services, networking, access controls, logging, and system monitoring on Linux platforms.
- Troubleshoot performance, reliability, and security issues on Linux servers, containers, and virtual machines.
- Build and maintain containerized workloads (Docker/Podman) and orchestrated environments (Kubernetes/OpenShift or similar).
- Security & Compliance
- Implement and maintain security controls in line with DoD and federal requirements (e.g., RMF, NIST SP 800-53, NIST 800-171, CMMC).
- Support Authority to Operate (ATO) activities by producing required DevSecOps and system artifacts (e.g., pipeline documentation, security test results, configuration baselines).
- Collaborate with ISSOs, security engineers, and program managers to ensure continuous compliance and vulnerability remediation.
- Implement monitoring, alerting, and logging solutions (e.g., ELK/EFK, Splunk, PrometheGrafana) to support security operations and incident response.
- Defense Acquisition Support
- Work within the constraints and requirements of DoD acquisition lifecycle frameworks (e.g., DoDI 5000 series, DoD 5000.02, Adaptive Acquisition Framework).
- Align DevSecOps practices with program milestones, deliveries, and documentation expectations (e.g., CDR, TRR, test events, fielding).
- Participate in technical reviews, risk assessments, and planning sessions with program stakeholders and government customers.
- Provide technical input to acquisition artifacts such as System Engineering Plans, Test Plans, and Cybersecurity Strategies.
- Collaboration & Technical Leadership
- Partner with developers, system engineers, cybersecurity, and program management to define secure architecture patterns and deployment strategies.
- Champion DevSecOps best practices, secure coding standards, and continuous improvement across the team.
- Mentor junior engineers and contribute to internal standards, templates, and playbooks.
Qualifications- 3-5 years experience in classified or air-gapped environments and with cross-domain or
disconnected DevSecOps workflows. - Hands-on experience with:
- DoD Enterprise DevSecOps platforms (e.g., Platform One, Iron Bank, relevant containers registries)
- Secrets management tools (e.g., HashiCorp Vault, AWS Secrets Manager, Key Management Systems)
- Cloud platforms (AWS, Azure, Google Cloud Platform) and hybrid/multi-cloud environments in a government context (e.g., IL4/IL5, GovCloud).
- Relevant certifications, such as:
- Security+ CE, CISSP, CASP+, or other DoD 8570/8140 certifications Red Hat (RHCSA/RHCE), Linux Foundation (CKA/CKAD), or similar DevOps/Cloud certifications (e.g., AWS/Azure DevOps Engineer, CNCF).
- Experience with Agile/Scrum or SAFe in defense programs.
- Strong written and verbal communication skills, including the ability to document architectures, pipelines, and security controls clearly for technical and non-technical stakeholders.
- Ability to work collaboratively in a multi-disciplinary, multi-contractor environment.
- Demonstrated problem-solving skills and ownership mindset in highly regulated,
mission-critical contexts.
Pay Transparency StatementAMERICAN SYSTEMS is committed to pay transparency for our applicants and employee-owners. The salary range for this position is USD $80,100.00/Yr. - USD $133,700.00/Yr. Actual compensation will be determined based on several factors permitted by law. AMERICAN SYSTEMS provides for the welfare of its employees and their dependents through a comprehensive benefits program by offering healthcare benefits, paid leave, retirement plans, insurance programs, and education and training assistance.
EEO StatementEEO Race/Sex/Disability StatVeteran Status
Never miss an opportunity! Create an alert based on the job you applied for.
