Steel Point Solutions is an amazing SBA Certified (8a), HUBZone, Small Disadvantaged Business (SDB) and a Woman Owned Small Business (WOSB) company. Established in 2013 with a vision of offering world class, integrated business solutions for all levels of Government and commercial enterprises. We are represented by a team of talented and qualified professionals who know how essential efficient, cost-effective integrated solutions are to your organization’s success. Leveraging these resources, we strive daily to lead the industry in program management and service delivery. Role Summary The DevSecOps Transformation Engineer at Steel Point Solutions is responsible for leading the transformation of DevOps practices by integrating security and Geographic Information Systems (GIS) into the software development lifecycle. This role focuses on implementing and optimizing DevSecOps processes, tools, and practices to enhance security, automation, and GIS functionality. The Engineer collaborates with development, operations, security, and GIS teams to ensure that security and GIS capabilities are integrated seamlessly into CI/CD pipelines, fostering a culture of continuous security improvement, automation, and resilience. Key Roles & Responsibilities - DevSecOps and GIS Strategy Implementation: Develop and execute strategies to integrate security and GIS into DevOps practices, ensuring that both are embedded throughout the software development lifecycle. - Pipeline Security and GIS Integration: Design and implement security controls and GIS data processing workflows within CI/CD pipelines, automating security checks, vulnerability assessments, and compliance verifications along with GIS data integrity validations. - Tooling & Automation: Evaluate, select, and deploy DevSecOps and GIS tools that enhance automation, security, GIS data management, and overall efficiency, including static and dynamic analysis, vulnerability scanning, and compliance management with a focus on GIS environments. - Process Optimization: Analyze and optimize existing DevOps processes to incorporate both security and GIS best practices, improving the effectiveness and efficiency of software development and delivery processes. - Collaboration & Training: Work closely with development, operations, security, and GIS teams to foster collaboration, provide training on DevSecOps and GIS practices, and promote a shared responsibility for security and spatial data management. - Incident Response & Management: Lead efforts to identify, manage, and mitigate security incidents and vulnerabilities in both the DevSecOps and GIS environments, ensuring rapid resolution and minimal impact. - Continuous Improvement: Stay informed about the latest trends, tools, and techniques in DevSecOps, GIS technologies, and security, continuously refining processes and practices to address emerging security challenges and improve overall performance. Required Qualifications - Bachelor’s degree in Computer Science, Cybersecurity, GIS, or a related field. - 5+ years of experience in DevOps, security engineering, or related roles, with a focus on integrating security into DevOps practices and processes, - 2+ years of experience working with GIS technologies. - Certifications: - Relevant certifications such as Certified DevSecOps Engineer, AWS Certified Security, GIS Professional (GISP), or equivalent required - Proficient in DevOps tools (e.g., Jenkins, GitLab CI, Docker), GIS tools (e.g., ArcGIS, QGIS), and security testing tools (e.g., OWASP ZAP, Snyk). - Strong understanding of cloud security best practices and GIS data management in cloud environments (e.g., AWS, Azure, GCP). Preferred Qualifications - Master’s degree in Computer Science, Cybersecurity, GIS, or a related field preferred Skills & Competencies - DevSecOps & GIS Expertise: In-depth knowledge of DevSecOps principles, practices, and GIS technologies, with experience integrating both into CI/CD pipelines. - Security & GIS Automation: Expertise in automating security controls and GIS data validation workflows, including vulnerability scanning, spatial data analysis, and compliance management. - Cloud & Infrastructure Security: Strong understanding of cloud security principles and practices, including securing cloud-based GIS environments, containers, and microservices architectures. - Process Optimization: Ability to analyze and optimize DevOps processes to enhance both security and GIS data management, ensuring seamless integration. - Collaboration & Training: Proven ability to collaborate with cross-functional teams (development, security, GIS) and provide training on both DevSecOps and GIS best practices. - Incident Management: Strong skills in managing and mitigating security and GIS-related incidents, with experience leading incident response efforts. Candidates from Historically Underutilized Business Zones (HUBZone) are strongly encouraged to apply. To determine whether you reside in a HUBZone, visit: https://maps.certify.sba.gov/hubzone/map.