Senior DevSecOps Engineer

Optima Global Solutions Inc.is a valuable IT Services and Solution provider that customers, employees, and stakeholders feel proud to be associated with. Optima's Intelligent Automation Solutions leverage robotic process automation, intelligent data capture, and business process management best practices to streamline operations. Our IT Services practice provides organizations with highly personalized, comprehensive, U.S. based recruiting services supported by our internal onsite team of subject matter experts.

Currently, we are hiring for the following position;

Senior DevSecOps Engineer

POSITION SUMMARY:
The Senior DevSecOps Engineer serves as a senior technical lead enabling secure, rapid development and execution of JOMIS DevSecOps pipelines for operational-medicine capabilities, including MedCOP, Operational Medicine Care Delivery Platform (OpMed CDP), MHS GENESIS-Theater (MHSG-T), BATDOK-J, and related theater blood and operational data services. The role owns end-to-end DevSecOps practices across cloud and hybrid environments (e.g., Cloud One), embedding security in CI/CD, automating infrastructure, and ensuring compliance with DoD/DHA standards. The engineer leads a team of DevOps/Platform engineers, partners with cybersecurity and product teams, and aligns delivery with JOMIS test and fielding cycles to sustain resilient, interoperable solutions for connected, intermittent, and disconnected operations.

JOB RESPONSIBILITIES:

• Lead design, implementation, and sustainment of secure CI/CD/CT pipelines (e.g., GitLab, Jenkins) with integrated SAST/DAST, SBOM/dependency scanning, image signing, and policy gates.
• Lead and mentor DevOps/Platform engineers; establish engineering standards, code reviews, runbooks/SOPs, and on-call rotations.
• Implement Infrastructure-as-Code / Configuration-as-Code (Terraform, Terragrunt, Ansible) for repeatable environment provisioning, drift control, and compliant baselines.
• Engineer and operate container platforms (Docker/Kubernetes/OpenShift) with registry controls, runtime protection, and automated compliance checks.
• Integrate and operate observability (logging, metrics, tracing) and alerting to meet SLOs/SLIs for MedCOP, OpMed CDP, MHSG-T, and BATDOK-J releases and test events.
• Embed Zero Trust and least-privilege patterns in pipelines and runtime (secrets management, identity-aware access, signed artifacts, network segmentation).
• Align DevSecOps delivery to JOMIS test and fielding activities (lab, interoperability/regression, JITC/OT&E events), supporting rapid fixes and secure hotfix pipelines.
• Partner with product and vendor teams to onboard applications, modernize legacy integration patterns, and improve performance/reliability in austere and low-bandwidth environments.
• Support RMF/ATO sustainment by generating pipeline evidence (build attestations, SBOMs, scan reports), maintaining SSP/POA&M artifacts, and meeting DISA STIG and SRG controls.
• Drive cost, capacity, and resilience improvements (right-sizing, autoscaling, blue/green/canary, chaos testing) and track error budgets tied to mission KPIs.
• Coordinate with DHA J-6, enterprise service providers, and program vendors to ensure interoperability, cybersecurity, and enterprise compliance.

JOB REQUIREMENTS:

• Education: Bachelor's degree in computer science, Software Engineering, Information Systems, Cybersecurity, or a related technical field (Master's preferred).
• Experience: Minimum 7 years of hands-on DevOps/Cloud/Platform engineering, including team leadership delivering production pipelines and platforms.
• Expert with CI/CD (GitLab/Jenkins), IaC/CaC (Terraform, Terragrunt, Ansible), and containers/orchestration (Docker, Kubernetes/OpenShift).
• Strong scripting/automation in Python and Bash (Poetry or similar packaging preferred).
• Experience implementing secure software supply-chain practices (artifact signing, SBOM, provenance/attestation, policy-as-code).
• Proven delivery in cloud/hybrid environments (AWS / Cloud One), including IAM, networking, and cost/performance optimization.
• Working knowledge of DoD/DHA cybersecurity (DISA STIGs, SRG, NIST SP 800-53, RMF/ATO, Zero Trust).
• Ability to collaborate across product, cybersecurity, test, and infrastructure teams and to communicate clearly with technical and non-technical stakeholders.

KEY COMPETENCIES:

• DevSecOps at scale: secure SDLC, pipeline policy gates, automated compliance evidence, and release orchestration for multi-app portfolios.
• Operational-medicine context: delivery and sustainment for MedCOP, OpMed CDP, MHSG-T, BATDOK-J, and theater solutions supporting connected/intermittent/disconnected use.
• Software-factory & platform engineering: GitOps, GitLab/Jenkins runners, artifact registries, environment promotion, golden AMI/container baselines.
• Observability & reliability: SLO design, telemetry pipelines, performance tuning, fault injection/chaos testing, and incident/post-incident management.
• Interoperability readiness: data-exchange support, interface hardening, pre-deployment lab/regression testing aligned to JOMIS schedules.
• Leadership: mentoring engineers, setting standards, managing priorities, and driving continuous improvement across tools and processes.

CERTIFICATIONS:

• Required: CompTIA Security+ (or equivalent DoD 8140 IAT II baseline).
• Recommended: AWS Certified Solutions Architect Associate (or higher) or AWS DevOps Engineer Professional; HashiCorp Terraform Associate; CKA/CKS (Kubernetes).

Preferred: SAFe/Agile (e.g., SAFe POPM or SAFe SA), GIAC cloud/security (e.g., GCLDSA), prior JOMIS/DHA/DHMS experience

Interested candidates, please apply online with a detailed resume and contact information.

Thank you.