Resumen del rol

DevOps Engineer (Secret Clearance)

Requisitos y responsabilidades

Contenido del rol extraído en secciones para revisar más rápido.

Details

  • Security Integration – Implement andmaintainsecurity controls throughout the development pipeline, ensuring security is embedded in every phase of the software development lifecycle.
  • Compliance Management – Collaborate with Information System Security Officers (ISSOs) to review Security Technical Implementation Guides (STIGs) and support Authority to Operate (ATO) processes, ensuring compliance with security standards and regulatory requirements.
  • CI/CD Pipeline Security – Design, implement, andmaintainsecure CI/CD pipelines with automated security testing, vulnerability scanning, and compliance checks integrated into deployment workflows.
  • Scrum Process Participation – Activelyparticipatein Scrum ceremonies, including sprint planning, daily standups, sprint reviews, and retrospectives, whileprovidingsecurity guidance and effort estimates for security-related tasks.
  • Vulnerability Management – Conduct regular security assessments, vulnerability scans, and penetration testing, while coordinating remediation efforts with development teams.
  • Infrastructure as Code (IaC) – Develop andmaintainsecure infrastructure configurations using Infrastructure as Code principles with automated security policy enforcement.
  • Security Monitoring – Implement and manage security monitoring tools, logging systems, and incident response procedures to detect and respond to security threats in real time.
  • Risk Assessment – Perform security risk assessments, threat modeling, and security architecture reviews toidentifyand mitigate potential vulnerabilities.
  • Documentation and Training – Create security documentation, procedures, and training materials whilemaintainingcompliance artifacts for audit purposes.
  • Required: 4 years of experience +Bachelor’sdegree, or 8 years of experience
  • Preferred: DoD Secret clearance or equivalent
  • IAT Level II certificationrequired (e.g., Security+ CE, CCNA-Security, GSEC, GICSP, SSCP,CySA+, or other DoD 8570.01-M / DoD 8140 approved certifications at IAT Level II)
  • AWS -Experience specifically with AWS CDK and processes (preferred)
  • DevSecOpsExpertise — Strong experience inDevSecOpspractices, security automation, and secure software development within enterprise environments.
  • Scrum Methodology — Deep understanding of Scrum principles and Agile development practices, including integrating security requirements into sprint planning and user story development.
  • Security Standards Knowledge — Extensive knowledge of STIGs, NIST frameworks, ATO processes, and federal security compliance requirements, with experience working alongside ISSOs and security teams. Hands-on experience with ATO and STIG maintenance and renewal is preferred.
  • CI/CD and Automation — Proficiency with CI/CD tools, with GitLab CI preferred, as well as containerization technologies including Docker and Kubernetes, and automation platforms such as Terraform, Ansible, and CloudFormation.
  • Cloud Security — Experience with cloud security platforms and cloud-native security tools, with AWS Security Hub preferred. Familiarity with multi-cloud security strategies andadditionalplatforms (Azure Security Center, Google Cloud Security) is a plus.
  • Programming and Scripting — Proficiency in scripting languages, JavaScript (is preferred), Bash, and PowerShell, with experience using security testing frameworks and static/dynamic analysis tools.
  • Security Tools — Experience with vulnerability scanners (Nessus, OpenVAS), SAST/DAST tools, container security scanning solutions, and security orchestration platforms.
  • Communication and Collaboration — Excellent communication skills with the ability to work effectively across cross-functional Scrum teams, security officers, compliance teams, and stakeholders in fast-paced development environments.
Roles similares

Mantén una lista de respaldo.

Ver stack
FocoDevSecOps EngineerÁrea del rol
Señal de seniorityMiddleNivel del candidato
StackAWS, Azure, CI/CDSkills principales
Ubicación1 país aceptadoElegibilidad

Stack

Usa estas tags para comparar roles remotos similares.

Elegibilidad de ubicación

Candidatos deberían aplicar solo cuando el país del perfil aparece aquí.

Tu perfilPaís no definidoInicia sesión para comparar tu país con este rol.

Flujo de contratación

WithMira muestra el rol y luego envía candidatos a la aplicación de la empresa.

1Revisa fit del rol, stack y elegibilidad de ubicación en WithMira.
2Abre la página de aplicación de la empresa desde el link rastreado.
3Guarda el rol o suscríbete a oportunidades similares antes de salir.