Senior Platform / DevSecOps + Security Engineer
Location
United States
Posted
72 days ago
Salary
0
Seniority
Senior
No structured requirement data.
Job Description
Senior Platform / DevSecOps + Security Engineer
IntelliTech LLC
Location: Remote Employment Type: Full-Time (W-2) Citizenship: U.S. Citizenship required IntelliTech is seeking a Senior Platform / DevSecOps + Security Engineer to lead the infrastructure modernization, security hardening, authorization pathway, and production promotion of a Government-owned digital twin application deployed in an Army cloud environment. The application is a supply chain simulation platform built on Python, FastAPI, React, and MongoDB and currently operates as a monolithic Docker deployment. This role will help transition it into a production-grade, containerized, split-service architecture aligned to Army cloud platform requirements, DevSecOps delivery practices, and production promotion gates. This is a hands-on role on a lean, senior team. The ideal candidate will architect deployment infrastructure, build CI/CD pipelines, harden the application for production, support authorization evidence development, and help lead promotion from development through production. This individual will work directly with Army platform teams, security stakeholders, and identity management teams to ensure the application is secure, scalable, supportable, and ready for operational use. Key Responsibilities Infrastructure and Deployment Architecture - Transition the application from a single-host Docker deployment to a split-service containerized architecture using Amazon EKS, ECS, or another approved orchestration model. - Design and implement multi-tier environment separation across development, test/staging, and production. - Package frontend, backend API, and simulation worker services as independently deployable container artifacts. - Implement infrastructure-as-code using Terraform, CloudFormation, or approved equivalents for repeatable provisioning and configuration management. - Design the distributed execution model allowing simulation workers to scale independently from the API tier with bounded concurrency and isolation controls. - Configure managed platform services for persistence, caching, object storage, secrets management, and observability. CI/CD and Release Engineering - Build and maintain CI/CD pipelines using approved toolchains such as GitLab CI, GitHub Actions, or government-provided platform tooling. - Integrate automated build, test, container scanning, dependency scanning, SAST, and DAST into the delivery pipeline. - Implement promotion workflows with quality and security gates for development-to-staging and staging-to-production transitions. - Generate and maintain software bill of materials (SBOM) and dependency inventories as part of the build process. - Design rollback and recovery procedures for failed deployments, including restoration of prior known-good versions. Security Hardening and Compliance - Harden container images and dependency baselines in alignment with STIG requirements and approved security standards. - Implement managed secrets storage, encryption in transit and at rest, least-privilege IAM policies, and appropriate network segmentation. - Integrate vulnerability scanning into release workflows and support remediation tracking. - Support closure of security findings through remediation, compensating controls, and evidence updates. - Ensure artifact retention and traceability sufficient to support promotion approval and auditability. Identity and Access Management - Integrate the application with CAC-enabled SSO and the identity provider required by the target environment using SAML, OIDC, or platform-specific approaches. - Replace local account models with externalized authentication through approved identity services. - Implement role-based access controls for analyst, administrator, and system functions. - Ensure user actions are traceable to authenticated identities. Authorization and Production Promotion - Support the application-specific authorization effort from evidence planning through submission and remediation. - Produce and maintain authorization artifacts such as architecture diagrams, data flows, SBOMs, scan evidence, logging and monitoring descriptions, and operational runbooks. - Align evidence to the platform’s inheritance model where applicable rather than building a fully standalone compliance package. - Coordinate with government security stakeholders on evidence expectations, findings, and remediation. - Lead technical execution for promotion from development into production through approved DevSecOps pipelines and release gates. Operations and Sustainment - Implement centralized logging, metrics, alarms, and service health monitoring across all application components. - Develop operational runbooks for deployment, monitoring, incident response, scaling, and maintenance. - Produce administrator and operator documentation, troubleshooting guides, and sustainment handoff materials. - Support training and transition activities at the conclusion of the implementation period. Required Qualifications - Bachelor’s degree in Computer Science, Information Systems, Engineering, Cybersecurity, or a related technical discipline and 8+ years of relevant experience; or Master’s degree in a related field and 6+ years of relevant experience. - 8+ years of professional experience in DevOps, platform engineering, infrastructure engineering, or cloud engineering roles. - Hands-on experience supporting ATO or cATO-related processes, including authorization evidence development, security findings remediation, and working with assessors or platform security stakeholders. - Experience deploying and operating applications in DoD or other accredited government cloud environments. - Strong experience with container orchestration using Amazon EKS, ECS, Kubernetes, or similar platforms. - Strong experience with infrastructure as code, including Terraform, CloudFormation, Helm, or similar tooling. - Experience designing and maintaining CI/CD pipelines with integrated automated testing, scanning, and promotion controls. - Experience with security hardening, including STIG-aligned practices, vulnerability remediation, SBOM generation, and secure container/image management. - Experience with AWS services such as EC2, EKS/ECS, S3, IAM, KMS, Secrets Manager, SSM, CloudWatch, VPC/networking, Redis/ElastiCache, and document or relational persistence services. - Experience integrating identity and access management solutions such as SSO, SAML, OIDC, RBAC, or CAC-enabled access patterns. - Strong communication skills and the ability to work directly with technical, operational, and security stakeholders. Preferred Qualifications - Direct experience supporting Army cloud environments or similar government-managed enterprise cloud platforms. - Experience with RMF, eMASS, and inherited authorization models. - Experience operating in IL4 / IL5 or similarly regulated environments. - Experience with container security and vulnerability scanning tools such as Prisma Cloud, Anchore, Twistlock, or similar platforms. - Familiarity with Docker Compose to Kubernetes migration patterns. - Experience with MongoDB to DocumentDB migration or similar managed database transition efforts. - Experience supporting Python / FastAPI application deployment and performance tuning. - Prior experience supporting Army, logistics, manufacturing, industrial base, or enterprise platform modernization programs. - Certifications such as Security+, CISSP, or relevant cloud / Kubernetes certifications. Tech Stack - Orchestration: Amazon EKS or ECS, Kubernetes, Helm - IaC: Terraform, CloudFormation - CI/CD: GitLab CI, GitHub Actions, or government-approved tooling - Cloud: AWS services including EC2, EKS/ECS, S3, IAM, KMS, Secrets Manager, SSM, CloudWatch, Redis/ElastiCache, and managed persistence services - Containers: Docker, multi-stage builds, hardened base images - Security: STIG-aligned hardening, vulnerability scanning, SBOM generation, DAST / SAST - Identity: CAC / SSO, SAML, OIDC, RBAC - Monitoring: CloudWatch, Prometheus / Grafana where approved, centralized logging - Authorization: RMF, eMASS, inherited authorization packages, ATO / cATO evidence support - Application: Python 3.11+, FastAPI, React, MongoDB / DocumentDB Interview Process Video interview required and may include a technical assessment. Candidates should be prepared to discuss: - their experience designing and operating secure cloud infrastructure and CI/CD pipelines - how they have supported authorization, compliance, or security evidence efforts - examples of applications they have containerized, hardened, and promoted to production - their experience with AWS, Kubernetes, IaC, scanning, and release automation - how they have handled identity integration, observability, and secure operations in regulated environments Compensation and Benefits IntelliTech is committed to fair and equitable compensation practices. Actual compensation packages are based on several factors unique to each candidate, including but not limited to job-related skills, depth of experience, relevant certifications and training, and specific work location. Based on these factors, IntelliTech utilizes the full width of the salary range. IntelliTech provides a comprehensive benefits package designed to support employees’ well-being and professional growth, including health, dental, and vision insurance, a 401(k), paid time off, professional development opportunities, and flexible work arrangements to support work-life balance. About IntelliTech IntelliTech is a dynamic and forward-thinking small business specializing in Full Stack Engineering, Data Analytics, Cloud Solutions, and DevSecOps services. Our mission is to empower government and commercial clients to solve complex technical challenges through practical, innovative, and mission-focused engineering solutions. Equal Opportunity Employer At IntelliTech, we are committed to building a diverse and inclusive workplace. We believe that a variety of perspectives and backgrounds leads to stronger teams and better solutions. IntelliTech is an Equal Opportunity Employer and does not discriminate on the basis of race, religion, gender, age, disability, or veteran status. We encourage all qualified candidates to apply.
Related Guides
Related Categories
Related Job Pages
More DevOps Engineer Jobs
DevOps Engineer
CiklumAt Ciklum, we are always exploring innovations, empowering each other to achieve more, and engineering solutions that matter. With us, you’ll work with cutting-edge technologies, contribute to impactful projects, and be part of a One Team culture that values collaboration and progress. As one of Ukraine’s largest IT companies and a top employer recognized by Forbes, we’ve spent over 20 years delivering meaningful tech solutions. We proudly support diverse talent and military veterans, recognizing their unique skills and perspectives they bring to shaping the future.
Ciklum is looking for a DevOps Engineer to join our team full-time in India. We are a custom product engineering company that supports both multinational organizations and scaling startups to solve their most complex business challenges. With a global team of over 4,000 highly skilled developers, consultants, analysts and product owners, we engineer technology that redefines industries and shapes the way people live. About the role: As a DevOps Engineer, become a part of a cross-functional development team engineering experiences of tomorrow. The DevOps group at NI R&D is seeking a skilled, motivated, and hands-on Mid-Level DevOps Engineer to help drive the development of internal products that enhance R&D efficiency and support CI/CD processes at National Instruments. In this role, you will work in an Agile environment and contribute to shaping our DevOps culture, designing and building future infrastructure for product deployment across multiple platforms. You will collaborate closely with various R&D teams to improve productivity, streamline development workflows, and ensure reliable delivery pipelines. Responsibilities: - Design, develop, and maintain deployment tools supporting a hybrid Linux/Windows environment - Own and enhance development lifecycle tooling, including build systems, code management, and CI/CD pipeline infrastructure - Support installation, deployment, and upgrade processes for on-premises and cloud- based customer environments - Develop custom automation and integrations with existing tools to increase engineering efficiency - Collaborate with cross-functional teams to identify bottlenecks, improve workflows, and adopt DevOps best practices Requirements: - 3+ years of experience working in a DevOps or similar engineering role - Hands-on experience with configuration management tools such as Ansible or Puppet - Experience with Terraform and/or Terragrunt for infrastructure-as-code - Practical experience with containerization and orchestration technologies (Kubernetes, Docker) and/or cloud deployment platforms - Strong programming and scripting skills; familiarity with build automation tools - Experience with Git or similar source control systems - System administration experience in both Windows and Linux environments - Experience designing, maintaining, and improving CI/CD pipelines and release processes, preferably using Azure DevOps What`s in it for you? - Strong community: Work alongside top professionals in a friendly, open-door environment - Growth focus: Take on large-scale projects with a global impact and expand your expertise - Tailored learning: Boost your skills with internal events (meetups, conferences, workshops), Udemy access, language courses, and company-paid certifications - Endless opportunities: Explore diverse domains through internal mobility, finding the best fit to gain hands-on experience with cutting-edge technologies - Flexibility: Enjoy radical flexibility – work remotely or from an office, your choice - Care: We’ve got you covered with company-paid medical insurance, mental health support, and financial & legal consultations About us: At Ciklum, we are always exploring innovations, empowering each other to achieve more, and engineering solutions that matter. With us, you’ll work with cutting-edge technologies, contribute to impactful projects, and be part of a One Team culture that values collaboration and progress. As one of Ukraine’s largest IT companies and a top employer recognized by Forbes, we’ve spent over 20 years delivering meaningful tech solutions. We proudly support diverse talent and military veterans, recognizing their unique skills and perspectives they bring to shaping the future. Want to learn more about us? Follow us on Instagram, Facebook, LinkedIn. Explore, empower, engineer with Ciklum! Interested already? We would love to get to know you! Submit your application. We can’t wait to see you at Ciklum.
Qui sont-ils ? 🚀 Accompagner les entrepreneurs pour qu’ils réussissent. Aujourd'hui je vais te raconter une histoire, celle de Dougs, Dougs, c’est avant tout une histoire humaine, c’est la rencontre de Véronique, Sarah et Patrick, experts-comptables et de Florent, ingénieur. C’est une société disruptive qui réinvente sans limite l’accompagnement des entrepreneurs. Dougs, c’est bien plus qu’un cabinet d’expertise comptable. Avec une équipe de plus de 90 ingénieurs et 270 professionnels des métiers (experts comptables et avocats), Dougs, c’est une société qui bouscule les codes. En 2023, notre vision a pris une nouvelle envergure avec une levée de fonds de 25 millions d'euros. Demain ? Nous allons bâtir une équipe de 500 passionnés partageant nos valeurs : Simple, Professionnel, Enthousiaste, Fantastique, Efficience totale, Voir grand. C'est par une approche innovante et révolutionnaire de la comptabilité et de l’entrepreneuriat que Dougs change la donne pour plus de 36 000 entrepreneurs. Alors, prêt à faire partie de l'aventure ? Descriptif du poste 🚀 Ton futur poste Chez Dougs, notre priorité est d’offrir une expérience client fantastique. Pour y parvenir, nos équipes internes doivent disposer d'outils et d'un environnement de travail d'une efficacité absolue. L'automatisation de nos systèmes internes est un levier stratégique de performance. Nous recrutons donc un Administrateur Systèmes / SysOps pour rejoindre notre département DSI. Rattaché directement au futur Responsable Infrastructure, tu intègres l'équipe Infrastructure aux côtés de nos SRE. Tu travailles de manière transverse avec toutes les équipes de Dougs pour avoir une vision à 360° de notre organisation. 🎯 Missions principales : Au quotidien, ton rôle sera de : - Participer activement aux projets en mode Agile. Tu testes et déploies des nouveaux outils, applications SaaS afin de répondre aux besoins métiers. - Être le garant de l'efficacité opérationnelle de nos outils tiers, principalement en SaaS. Ton objectif est de maintenir et industrialiser nos configurations via l'Infrastructure as Code (Ansible, Terraform, autre outil). - Assurer l’administration avancée et l’évolution de Google Workspace (rôles, droits, permissions, etc...). - Maintenir notre infrastructure système interne (VM / Proxmox) et gérer l’administration des réseaux internes (switch, routeur, Wi-Fi, etc...). - Être le garant de l’intégrité de nos systèmes en appliquant les standards ISO 27001. Face aux situations les plus complexes, tu mènes l’enquête : troubleshooting pointu, analyse fine des logs applicatifs, etc... Rien ne t’échappe, et parce que l’excellence passe aussi par la clarté, tu produis une documentation technique précise et structurée. Profil recherché 🚀 Et toi dans tout ça ? - Tu as fait un parcours Bac +5 (école d’ingénieur, université, etc.) - Tu as une XP de 5 ans minimum sur un poste similaire - Tu "parles" couramment un langage de scripting (Bash, Powershell, Python) - Tu maîtrises un outil d’infrastructure-as-code comme Ansible, Terraform (autre) pour standardiser les déploiements - Tu es à l'aise sur Google Workspace et les fondamentaux réseau - Tu es à l’aise pour chercher les informations par toi-même, comprendre les enjeux et objectifs des différentes équipes - Tu as de solides aptitudes en matière d’analyse et de résolution de problèmes pour améliorer le quotidien et l’efficacité des équipes - Tu as un regard critique, un esprit analytique et une capacité de synthèse. Tu fais preuve de rigueur et attache de l’importance aux détails Dans ce cas, le poste est fait pour toi ? Rejoins-nous ! Et même si ton profil ne correspond pas à 100% à tous les critères, n'hésite pas à nous envoyer ta candidature. Précisions du poste : Dans nos locaux en télétravail partiel ou complet, tout est possible ! Les locaux se situent à Bron collé à Lyon. Facilement accessible en transport en commun, arrêt de tram T5 Parc du Chêne, Bus 52, Bus ZI7… Bref de quoi faire… Adresse : 32 Rue du 35ème Régiment d’Aviation 69500 Bron Poste ouvert aux personnes en situation de handicap Type d'emploi : Temps plein, CDI Rémunération : 40 000,00€ à 50 000,00€ par an Déroulement des entretiens - 1er entretien visio avec Emilie, Head of Talent (30 min) - 2ème entretien visio avec Jimmy, DSI (1 h) - Use Case - Debrief du Use Case avec Jimmy, DSI, et un membre de l'équipe infrastructure, SRE (1 h)
• Provides technical leadership in designing, automating, and optimizing cloud infrastructure, CI/CD workflows, and deployment platforms that support Empower’s engineering teams • Applies deep DevOps expertise to develop scalable, secure, and resilient AWS-native solutions while driving best practices in automation, observability, and operational excellence • Partners closely with development, architecture, and security teams to enhance developer experience, accelerate delivery pipelines, strengthen production reliability, and promote consistent use of infrastructure as code • Contributes to long-term platform strategy, leads components of cross-functional initiatives, evaluates emerging technologies, and supports tactical engineering needs with a continuous improvement mindset • Leads the design, automation, and optimization of AWS-native cloud infrastructure using Terraform, CDK, and CloudFormation • Architects, builds, and maintains CI/CD pipelines for Java, Python, and other application ecosystems • Drives automation-first approaches that reduce manual effort, increase deployment consistency, and improve system reliability • Partners with engineering teams to enhance developer experience, deployment workflows, and observability capabilities • Implements and enforces AWS security best practices, including IAM policy design, network segmentation, and data protection • Leads performance monitoring, analysis, and optimization using AWS and third-party tools • Guides adoption of containerization and orchestration platforms, including Kubernetes, EKS, and GitOps practices • Troubleshoots complex production issues and provides Tier 3 operational support, including participation in an on-call rotation • Evaluates emerging cloud, automation, and DevOps technologies and recommends improvements for resiliency, efficiency, and operational maturity • Mentors engineers on DevOps principles, cloud architecture, automation patterns, and operational excellence • Contributes to functional roadmaps and collaborates with leadership on long-term infrastructure and platform strategy
Staff Site Reliability Engineer
ZocdocZocdoc is the beginning of a better healthcare experience for millions of patients every month.
Staff Site Reliability Engineer Technology Silicon Valley, CA Our Mission Healthcare should work for patients, but it doesn’t. In their time of need, they call down outdated insurance directories. Then wait on hold. Then wait weeks for the privilege of a visit. Then wait in a room solely designed for waiting. Then wait for a surprise bill. In any other consumer industry, the companies delivering such a poor customer experience would not survive. But in healthcare, patients lack market power. Which means they are expected to accept the unacceptable. Zocdoc’s mission is to give power to the patient. To do that, we’ve built the leading healthcare marketplace that makes it easy to find and book in-person or virtual care in all 50 states, across +200 specialties and +12k insurance plans. By giving patients the ability to see and choose, we give them power. In doing so, we can make healthcare work like every other consumer sector, where businesses compete for customers, not the other way around. In time, this will drive quality up and prices down. We’re 18 years old and the leader in our space, but we are still just getting started. If you like solving important, complex problems alongside deeply thoughtful, driven, and collaborative teammates, read on. Your Impact on Our Mission: As a Staff Site Reliability Engineer (SRE) at Zocdoc, you will shape how we operate safe, observable, and scalable systems across the company. You’ll lead initiatives that improve incident response, define reliability patterns, and drive organization-wide operational excellence—helping us build systems that fail gracefully, recover quickly, and scale efficiently. You won’t just respond to incidents—you’ll help design the systems, tools, and practices that teams rely on to avoid them. Your work will clarify ownership, improve on-call quality, and strengthen our observability posture. By embedding best practices into how we build and run services, you’ll enable every engineering team at Zocdoc to move faster, safer, and with greater confidence. You’ll thrive in this role if you… - Stay composed and clear during incidents, and use them as catalysts for systemic improvement - Treat observability as a strategic capability that enables better decisions, not just better dashboards - Build scalable, default-safe patterns and tools that support resiliency and reliability - Build strong cross-functional relationships and navigate complex systems to drive scalable, reliable outcomes - Are endlessly curious—about how systems fail, how teams operate, and how to make both better - Share knowledge generously and help others build with confidence and operational rigor Your day to day is… - Participate in and influence high-impact incident response efforts, contributing calm decision-making and retrospective-driven learning - Define and evolve org-wide incident practices, retrospectives, and reliability tooling - Architect and evolve observability platforms that offer actionable insight into system health, business-critical paths, and failure modes - Lead the development of reliability and observability practices, including alerting hygiene, SLOs, and deployment safeguards - Guide teams in building resilient, fault-tolerant services through consultative design, operational reviews, and safety-focused defaults - Partner with Product, Platform, and Security teams to ensure new systems are operable and scalable from day one - Design and implement internal tools that improve deployment safety, incident coordination, and production readiness - Mentor engineers across teams in operational rigor, reliability principles, and system debugging You’ll be successful in this role if you have… - 8+ years of experience operating and scaling production infrastructure in cloud-native environments - Deep expertise in incident response, debugging distributed systems, and driving reliability improvements - Strong working knowledge of observability stacks (metrics, logs, traces), alerting strategy, and SLO design - Experience implementing fault isolation, graceful degradation, and chaos engineering practices - Proficiency with infrastructure-as-code and config management (e.g., Terraform, CDK, etc.) - A proven ability to influence teams through standards, tooling, and culture—not just code - A growth mindset and strong communication skills for mentoring, influencing, and aligning across teams Benefits: - Flexible, hybrid work environment - Unlimited Vacation - 100% paid employee health benefit options (including medical, dental, and vision) - Commuter Benefits - 401(k) with employer funded match - Corporate wellness program with Wellhub - Sabbatical leave (for employees with 5+ years of service) - Competitive paid parental leave and fertility/family planning reimbursement - Cell phone reimbursement - Catered lunch everyday along with beverages and snacks - Employee Resource Groups and ZocClubs to promote shared community and belonging - Great Place to Work Certified Zocdoc is committed to fair and equitable compensation practices. Salary ranges are determined through alignment with market data and internal equity. The base salary offered will depend on experience, skills, qualifications, and business needs. Certain positions are also eligible for variable pay and/or equity. Silicon Valley, CA Base Salary Range $210,000—$270,000 USD About us Zocdoc is the country’s leading digital health marketplace that helps patients easily find and book the care they need. Each month, millions of patients use our free service to find nearby, in-network providers, compare choices based on verified patient reviews, and instantly book in-person or video visits online. Providers participate in Zocdoc’s Marketplace to reach new patients to grow their practice, fill their last-minute openings, and deliver a better healthcare experience. Founded in 2007 with a mission to give power to the patient, our work each day in pursuit of that mission is guided by our six core values. Zocdoc is a private company backed by some of the world’s leading investors, and we believe we’re still only scratching the surface of what we plan to accomplish. Zocdoc is a mission-driven organization dedicated to building teams as diverse as the patients and providers we aim to serve. In the spirit of one of our core values - Together, Not Alone, we are a company that prides itself on being highly collaborative, and we believe that diverse perspectives, experiences and contributors make our community and our platform better. We’re an equal opportunity employer committed to providing employees with a work environment free of discrimination and harassment. Applicants are considered for employment regardless of race, color, ethnicity, ancestry, religion, national origin, gender, sex, gender identity, gender expression, sexual orientation, age, citizenship, marital or parental status, disability, veteran status, or any other class protected by applicable laws.
