Role Description The DevSecOps Engineer supports the design, development, and deployment of secure, scalable software solutions within a modern microservices architecture. This role partners with development teams to transition legacy systems into containerized environments, implement secure CI/CD pipelines, and integrate security practices throughout the software development lifecycle. The DevSecOps Engineer plays a key role in enabling automation, improving system reliability, and ensuring compliance with security standards. Key Responsibilities - Collaborate with software development teams to refactor existing applications and build new solutions using microservices architecture. - Design, implement, and maintain secure CI/CD pipelines to support continuous integration and delivery. - Integrate security tools and practices into all phases of the development lifecycle. - Support containerization efforts using technologies such as Docker and Kubernetes within hardened environments. - Deploy, monitor, and sustain microservices using commercial and open source tools. - Automate infrastructure provisioning and configuration management using infrastructure as code practices. - Identify vulnerabilities and implement remediation strategies across applications and environments. - Provide guidance and best practices for secure coding, system design, and DevSecOps processes. - Support system monitoring, logging, and performance optimization efforts. Qualifications - 5 years of relevant experience in DevOps, DevSecOps, or software engineering environments. - Experience with CI/CD tools such as Jenkins, Azure DevOps, or GitHub Actions. - Experience with version control and artifact management tools such as Git, GitHub, Sonatype Nexus, or JFrog Artifactory. - Experience with containerization technologies such as Docker and orchestration tools such as Kubernetes and Helm. - Familiarity with cloud environments such as AWS, Azure, or Google Cloud. - Understanding of security practices including vulnerability scanning, secrets management, and compliance frameworks. - Experience with scripting or automation using languages such as Python, Bash, or PowerShell. - Strong problem solving skills and ability to work in a collaborative team environment. - Must have an Active Secret clearance currently. Preferred Qualifications - Experience working in federal or regulated environments. - Experience with infrastructure as code tools such as Terraform, Ansible, or AWS CloudFormation. - Experience working in managed Kubernetes environments such as Azure AKS, AWS EKS, or Google GKE. - Experience with security tools such as Snyk, Black Duck, SonarQube, or Wiz. - Familiarity with secrets management solutions such as HashiCorp Vault, AWS Secrets Manager, or Google Secret Manager. - Knowledge of monitoring and telemetry tools such as Prometheus, Grafana, Splunk, or ELK. - Familiarity with serverless and microservices based architectures using AWS Lambda, Azure Functions, or Google Cloud Functions. - Understanding of zero trust architecture and secure system design principles. Benefits - C5MI offers a market competitive suite of benefits including medical, dental, vision, life, and long-term disability coverage. - 401(k) plan. - Bonus opportunities. - Paid holidays and paid time off.

Design and maintain scalable Azure cloud infrastructure and automated CI/CD pipelines, manage Azure Virtual Machines for development workflows, and integrate security best practices into deployment pipelines to ensure compliance and protect...

Lead the modernization of legacy product pipelines to a next-generation platform, ensuring build reliability, promoting automated workflows, and providing technical guidance to enhance engineering efficiency and quality standards.

• Design, implement, and maintain monitoring and observability solutions using tools like Prometheus, Grafana Stack (Loki/Grafana/Tempo/Alert Manager), Datadog, and OpenTelemetry. • Define and implement SLOs, SLIs, and error budgets to measure system reliability. • Develop and optimize dashboards, alerts, and reports for system performance and business metrics. • Design actionable alerting strategies to minimize noise and improve MTTR. • Integrate alerting systems with Jira. • Establish and refine runbooks for on-call teams to handle alerts efficiently. • Empower teams to ensure observability coverage and incident response practices. • Analyze system performance metrics, identify bottlenecks, and implement optimizations to improve system efficiency, scalability, and cost-effectiveness. • Help conduct load testing and capacity planning to ensure systems can handle peak traffic loads. • Identify opportunities for automation and develop tools to streamline operational processes, such as fail-over, configuration management, and monitoring. • Implement monitoring and alerting systems within automations to detect and resolve issues proactively. • Collaborate closely with cross-functional teams, including software engineers, operations, and infrastructure teams, to understand system requirements, provide technical guidance, and drive solutions. • Communicate effectively to stakeholders about system changes, incidents, and improvements. • Foment and spread SRE principles and practices across the company.