Job Closed
This listing is no longer active.
A business unit of General Dynamics, General Dynamics Information Technology (GDIT) supports some of the United States' most complex government, defense, and in
Senior PKI / Credential Lifecycle Management (CLM) Engineer
Location
United States
Posted
107 days ago
Salary
$124.1K - $142.7K / year
Seniority
Senior
No structured requirement data.
Job Description
Senior PKI / Credential Lifecycle Management (CLM) Engineer
General Dynamics
Role Description We are seeking an experienced Senior PKI/CLM Engineer who can independently lead the deployment of Credential Lifecycle Management (CLM) solutions with minimal technical guidance. This individual will bring strong expertise in PKI modernization, automation, authentication technologies, and mobile credentialing, supporting enterprise-scale identity transformation initiatives. Key Responsibilities - Lead end-to-end CLM deployment activities with very limited oversight. - Contribute to and help drive modernization strategies, best practices, and emerging identity concepts within the team. - Provide expert-level guidance and troubleshooting for complex PKI architecture and operational issues. - Support deployment and integration of derived credentials, including mobile credentialing and Certificate-Based Authentication (CBA) token solutions. - Apply deep knowledge of YubiKey and FIDO authentication standards and implementation patterns. - Design, develop, or enhance scripting and automation workflows using PowerShell, REST APIs, and SOAP interfaces. - Partner with security, engineering, and application teams to ensure certificate services align with enterprise security and compliance standards. Qualifications - 7+ years of related experience. - Strong hands-on experience deploying and operating CLM platforms (any enterprise CLM is acceptable). - Solid understanding of PKI concepts including certificate authorities, OCSP, CRLs, trust chains, key management, and token lifecycle operations. - Expertise with YubiKey, FIDO2/WebAuthn principles, and hardware-based authentication workflows. - Experience with derived credential solutions, mobile authentication, and CBA token deployments. - Proficiency with automation and scripting, including PowerShell, REST API integrations, and SOAP-based solutions. - Ability to troubleshoot and resolve complex PKI and credentialing issues with minimal direction. - Strong communication skills and ability to provide strong leadership on modernization efforts. Requirements - US Citizenship Required: No Benefits - Variety of medical plan options, some with Health Savings Accounts. - Dental plan options. - Vision plan. - 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. - Full flex work weeks where possible. - Variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement, and jury duty leave. - Short and long-term disability benefits. - Life, accidental death and dismemberment, personal accident, critical illness, and business travel and accident insurance. Company Description We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 30,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.
Related Guides
Related Categories
Related Job Pages
More DevOps Engineer Jobs
• You will be writing YAML, configuring tools, and committing code: • SAST – Static Application Security Testing - Integrate SonarQube into GitHub Actions for code quality and security scanning • Configure quality gates and security rules for Python, R, and PHP codebases • Set up branch analysis and PR decoration • Dependency Scanning & SCA - Implement Snyk for dependency vulnerability scanning in CI pipelines • Configure Snyk for Python, R, and PHP projects • Set up automated fix PRs and vulnerability tracking • Integrate Snyk with GitHub for continuous monitoring • Container Image Security - Configure AWS ECR Enhanced Scanning for container images • Set up ECR scan-on-push and findings routing to Security Hub • Create Dockerfile security best practices and base image guidelines • Secret Scanning & Management - Configure GitHub secret scanning and push protection • Implement pre-commit hooks • Set up AWS Secrets Manager integration patterns for applications • Security Gates & Pipeline Governance - Create security gates that block deployments on critical/high findings • Configure severity thresholds and exception workflows • Document all configurations for ISO 27001 audit evidence
DevSecOps Engineer, CI/CD Security Implementation
ISCC – the International Sustainability and Carbon CertificationCertifying biofuels, bioplastics, and biomaterials. 🌍
• You will be writing YAML, configuring tools, and committing code • SAST – Static Application Security Testing - Integrate SonarQube into GitHub Actions for code quality and security scanning • Configure quality gates and security rules for Python, R, and PHP codebases • Set up branch analysis and PR decoration • Implement Snyk for dependency vulnerability scanning in CI pipelines • Configure Snyk for Python, R, and PHP projects • Set up automated fix PRs and vulnerability tracking • Integrate Snyk with GitHub for continuous monitoring • Configure AWS ECR Enhanced Scanning for container images • Set up ECR scan-on-push and findings routing to Security Hub • Create Dockerfile security best practices and base image guidelines • Configure GitHub secret scanning and push protection • Implement pre-commit hooks • Set up AWS Secrets Manager integration patterns for applications • Create security gates that block deployments on critical/high findings • Configure severity thresholds and exception workflows • Document all configurations for ISO 27001 audit evidence
Principal DevSecOps Engineer
DSC ResourcesWe are transforming toward autonomous, stream-aligned teams with independent deployment capabilities. This role is central to that vision - establishing data architecture excellence that enables teams to move fast without creating future problems. You'll define data strategy for a growing engineering organization in healthcare technology, working directly with engineering leadership on this transformation.
Role Description The Principal DevSecOps Engineer will serve as a senior technical leader within the DevSecOps Center of Excellence (CoE), driving automation, security, observability, and cost optimization across the enterprise. This role operates at the CoE level—establishing global standards, frameworks, reusable automation modules, and governance that enable consistent and secure software delivery at scale. This individual will act as a technical authority, mentor, and cross-functional collaborator, ensuring that DevSecOps best practices are applied across CI/CD pipelines, infrastructure-as-code (IaC), cloud security, and FinOps. The role requires strong hands-on expertise in DevSecOps tooling, a deep understanding of modern cloud-native architectures, and the ability to influence product teams through thought leadership, frameworks, and reusable solutions. Qualifications - 15+ years in DevOps, Cloud, or Security Engineering, with expert-level technical leadership in DevSecOps. - Strong expertise in CI/CD pipeline design, automation, and governance. - Hands-on with CI/CD tools: GitHub Actions, GitLab CI, ArgoCD, Artifactory, Jenkins, Veracode, SonarQube. - Deep experience with cloud security and AWS services (IAM, KMS, GuardDuty, Security Hub, CloudTrail). - Proficiency in containers & orchestration (Docker, Kubernetes, EKS, ECS). - Strong hands-on with Infrastructure-as-Code and GitOps (Terraform, Pulumi, Crossplane, CloudFormation). - Familiarity with observability platforms (New Relic, Datadog, Prometheus, Grafana, OpenTelemetry, CloudWatch). - Programming/scripting expertise in Python, Go, C#, and shell scripting. - Knowledge of DORA metrics and proven success in improving delivery performance. - Practical experience with FinOps practices and cost governance. Requirements - Act as the technical lead for the DevSecOps CoE, driving strategy and execution of security, automation, and observability practices. - Design and maintain reusable CI/CD frameworks, IaC modules, and security guardrails for consistent adoption across all product lines. - Define, document, and enforce DevSecOps standards, policies, and best practices. - Mentor embedded DevSecOps engineers and provide guidance on pipeline design, automation, cost optimization, and compliance. - Architect and optimize CI/CD pipelines (GitHub Actions, GitLab CI, ArgoCD, Jenkins, Artifactory, Veracode) to enable frequent, secure deployments. - Integrate SAST, SCA, DAST, and container scanning into delivery workflows. - Establish GitOps practices using Terraform, Pulumi, or Crossplane for infrastructure provisioning. - Track and drive improvements in DORA metrics (deployment frequency, lead time, MTTR, change failure rate). - Implement “shift-left” security by embedding security testing and compliance automation into pipelines. - Partner with Security and SRE teams to enforce SLIs, SLOs, and error budgets in delivery pipelines. - Advance unified observability initiatives by integrating New Relic, Datadog, Prometheus, Grafana, OpenTelemetry, and CloudWatch into pipelines. - Ensure compliance with HIPAA, SOC2, GDPR, and internal governance frameworks. - Build cost-awareness into CI/CD and IaC workflows by embedding FinOps checks and cost gates. - Collaborate with FinOps and Cloud teams to enforce cost tagging, rightsizing, and efficiency standards. - Provide insights and automation for cloud cost optimization across AWS services (EKS, ECS, EC2, S3, RDS, containers). - Partner with Engineering, Product, SRE, and Security leaders to align on standards and frameworks. - Drive knowledge sharing and enablement through playbooks, templates, documentation, and internal CoP (Community of Practice) sessions. - Act as the escalation point for complex DevSecOps technical challenges across teams. Benefits - Estimated Salary Range: $182,000 - $205,000 plus bonus.
Einleitung Gestalte die Cloud-Welt aktiv mit Du hast Erfahrung mit Kubernetes und Cloud-Technologien und möchtest anspruchsvolle Projekte mitgestalten? In einem agilen, inhabergeführten Unternehmen mit modernem Tech-Stack übernimmst du Verantwortung für den Aufbau zukunftsfähiger Cloud-Plattformen und begleitest Kund:innen bei ihrer Cloud Journey – von der ersten Idee bis zum produktiven Betrieb. Deine Aufgaben - Aufnahme und Analyse von Kundenanforderungen im Kubernetes-Umfeld - Konzeption und Aufbau moderner Entwickler- und Plattformlösungen - Durchführung von Workshops und Strategiemeetings zur Weiterentwicklung bestehender Plattformen - Beratung zu Architekturentscheidungen rund um Usability, Skalierbarkeit und Betrieb - Enge Zusammenarbeit mit interdisziplinären Teams und Integration bestehender Lösungen - Langfristige Betreuung und Weiterentwicklung von Kundenumgebungen - Implementierung der konzipierten Cloud- und Containerlösungen beim Kunden Dein Profil - Abgeschlossenes IT-Studium oder Ausbildung im Bereich Fachinformatik (Systemintegration oder verwandte Fachrichtung) - Mehrjährige Erfahrung im Aufbau, Betrieb und der Konzeption von Kubernetes-basierten Plattformen (mind. 2-3 Jahre) - Sicheres Auftreten mit ausgeprägter Kundenorientierung und analytischem Denken - Kenntnisse über Integration von Kubernetes in Enterprise-Umgebungen - Erfahrung mit mindestens einem Hyperscaler (AWS, Azure, GCP) und On-Premise-Alternativen - Nice-to-have: Erfahrung mit VMware - Sehr gute Deutsch- und gute Englischkenntnisse Benefits - Full remote-Möglichkeit innerhalb Deutschlands, gelegentliche Kundentermine vor Ort sind ggf. möglich - Vertrauensarbeitszeit und 30 Tage Urlaub - Offene, moderne Unternehmenskultur mit flachen Hierarchien und Teamspirit - Individuelle Einarbeitung, kontinuierliche Weiterbildung inkl. Zertifizierungen und technische Verantwortung ab Tag eins - Betriebliche Altersvorsorge mit Zuschuss - Jobrad-Leasing und Sachbezugskarte - Fitness- und Wellnessangebote über EGYM Wellpass - Mitarbeiterevents und Corporate Benefits - Bonus- und Prämienmodelle



