DevSecOps Software Engineer 2

Responsibilities:

Duties will include maintaining multiple Kubernetes clusters for build, test, and production environments, setting up supporting services, and coordinating accesses for development staff and end-users, validating products and managing deployments. This will include the following actions and more as requirements demand:

• Deploying, troubleshooting, and analyzing systems and services to support course delivery.
• Performing system modeling, simulation, and analysis.
• Providing input for documentation and logic/data flow design of new or existing programs.
• Verifying accuracy and completeness of programs by preparing sample data, conducting program tests, analyzing test results, and debugging programs errors.

DevSecOps Engineers must be able to successfully demonstrate the following capabilities:

• Design, implement, and maintain secure CI/CD pipelines that automate build, test, and deployment processes across multiple environments (development, staging, and production).
• Manage and optimize container orchestration platforms (e.g., Kubernetes, Docker Swarm) to ensure scalability, resilience, and compliance with program security standards.
• Deploy and maintain infrastructure-as-code (IaC) using tools such as Helm to achieve repeatable, auditable, and version-controlled environments.
• Integrate security scanning and compliance checks into CI/CD workflows for container images, source code, and infrastructure templates.
• Monitor, log, and analyze system and application performance using enterprise observability tools to ensure reliability, uptime, and host stability.
• Administer and harden on-premise systems, including virtual machines, storage servers, and database hosts, in accordance with program IT policies.
• Collaborate with development teams to define deployment requirements, troubleshoot build and runtime issues, and streamline the path from code to production.
• Implement and enforce identity and access management best practices, including secrets management, RBAC (Role-Based Access Control), and least privilege principles.
• Support incident response and vulnerability management processes through root cause analysis, patching, and continuous improvement of security posture.
• Document and maintain operational runbooks, playbooks, and system diagrams to promote transparency, consistency, and knowledge sharing across the team.
• Continuously evaluate and improve automation, monitoring, and security toolchains to align with evolving business and compliance requirements.
• Effectively communicate complex infrastructure and security concepts to technical and non-technical stakeholders, supporting cross-functional decision-making.

Requirements:

• Experience developing using one or more of the following languages: Ruby, Ruby on Rails, Python, or C++, JavaScript/TypeScript.
• Requires demonstrated proficiency in web UI interface design using a variety of languages such as HTML, CSS, AJAX, JSON/XML JavaScript/Typescript and JQuery or similar.
• Experience using SQL/NoSQL and relational databases (MySQL/MongoDB preferred) required.
• A working knowledge of both Windows and Linux platform is required.
• Demonstrated experience with Agile methodologies.

Clearance Required:

• TS/SCI with Full Scope Poly

Minimum Education:

• Bachelor’s Degree in Computer Science or related field and five (5) years of applicable software development experience is required.
  OR
• Three (3) years of experience may be substituted for a Bachelor’s Degree is acceptable, for a total of eight (8) years of applicable software development experience.

Minimum Years of Experience:

• Minimum (5) years of applicable software development experience is required.

Required Certifications:

• Sec+ or DoD 8570 IAT Level II Certification.

Preferred:

• Experience working with virtual machines and virtual machine hosting environments, primarily ESXi/vCenter (VMWare, VSphere, and VCenter virtualization tool).
• Experience with scripting languages (Windows PowerShell, BASH, VMware PowerCLI, API, Python, Go etc.)
• Experience with reading/implementing STIG guidance, hardening and maintaining systems.
• Experience with installing, configuring, maintaining and using Atlassian products such as Confluence, Jira, Bitbucket, etc.
• Ability to explain complex abstraction layer designs and troubleshooting steps.
• Ability to work independently while being conscious of how your work interacts with that of others.
• Ability to work flex and overtime hours with some weekend hours expected.
• Ability to solve problems quickly and completely; analytical problem-solving skills; adept at root-cause analysis and mitigation.
• Possess drive, enthusiasm, and attention to detail.
• Effective communication, writing, documentation, and requirements gatherings skills are needed to be effective in this role for working with other members of the Team and with the Customer to meet the requirements of the program

Attendance:

• Attendance is critical at all times. Must be able to work a 40-hour workweek, normally Monday through Friday. However, times and days may vary depending on business requirements. Needs to be available to work overtime during critical peaks and be available to meet last minute requests for overtime should the situation occur.