• Manages and integrates DevSecOps practices across DevOps Engineering, Release Management, and Security operations • Acts as a key manager and technical liaison, bridging internal teams and IT stakeholders • Ensures that software-delivery pipelines are aligned with technical standards and federal security frameworks • Plays an active role in implementation and problem-solving • Guides integration of infrastructure and drives project delivery • Communicates clearly with leadership and monitors delivery and release metrics.

• Build and maintain cloud native infrastructure architectures that are secure, NIST 800-53 compliant, resilient and optimized for performance • Assess architectures and designs for security vulnerabilities and suggest and implement proper alternatives • Come up with customized tools for security purposes in DevOps. • The professionals should be well-versed in at least one of the programming languages like Java, PHP, Python, Ruby, and Perl to collaborate competently with other teams within the organization • Possess deep and hands-on knowledge of AWS or Azure, Docker, Kubernetes, and how to implement developer tools such as GitHub and Dependency management • Use configuration management tools (Terraform, Ansible, Docker & Multipass) to deploy cloud infrastructure, platform stack, HTTP/TLS security, and compliance assets • Automate routine tasks to provide scalability to operations • Create and oversee automated release operations as well as the advancement of desired state automated CI-CD Pipelines using Jenkins, Spinnaker and other relevant CI-CD tools • Create CI/CD pipelines as code (PaCs) • Deploy infrastructure on cloud platforms by writing IaCs and other relevant manifests and scripts

• Designing, implementing, and maintaining the DevSecOps toolchain that supports the Salesforce-based MESH platform and its integrations across AWS, Microsoft 365, T-MSIS, MBES/MacFin, and CMS DataConnect • Building and operating CI/CD pipelines using GitHub Actions and Copado that automate build, test, security scanning, deployment, and rollback for both Salesforce and AWS-hosted components • Managing AWS cloud infrastructure using infrastructure-as-code (Terraform, AWS CloudFormation) and configuration management tools (Ansible), in alignment with CMS Cloud governance and FedRAMP Moderate baselines • Implementing observability across the platform using tools such as Splunk, AWS CloudWatch, New Relic, or Dynatrace; building dashboards and alerts for system health, latency, throughput, error rates, and capacity (median, 95th, and 98th percentile) • Automating day-to-day operational tasks (provisioning, patching, configuration, user/access management) using Python, Bash, PowerShell, and AWS APIs to reduce toil and improve repeatability • Partnering with the security team to integrate security gates (SAST, DAST, SCA, container scanning) into pipelines and to remediate vulnerabilities within CMS-defined timeframes • Supporting incident, change, and problem management as part of an integrated Agile delivery team; contributing to root-cause analyses and preventive actions • Maintaining hardened, monitored environments for development, testing, UAT, staging, and production with minimum-downtime deployment strategies and tested rollback procedures • Implementing data backup, retention, and disaster-recovery solutions for both Salesforce and AWS-hosted assets, validated through scheduled restoration tests • Managing user access, secrets, and certificates across CMS IDM/Okta, EUA, AWS IAM, GitHub, and Copado in accordance with least-privilege and zero-trust principles • Documenting architecture, runbooks, deployment procedures, and operational standards in CMS-approved tools (Confluence, Box, GitHub) and ensuring transparency for CMS Product Owners • Coordinating with the CMS Cloud contractor to optimize cloud resource utilization, cost, and adherence to CMS Cloud governance processes • Mentoring engineers on DevSecOps best practices, automation-first design, and continuous-improvement metrics tied to deployment frequency and reliability

• Building & maintaining our infrastructure • Collaborating closely with software development and implementation teams • Ensuring the security and compliance of our systems • Driving automation initiatives • Infrastructure as Code (IaC) • Implementing Continuous Integration/Continuous Deployment (CI/CD) pipelines • Managing Software as a Service (SaaS) tools • Identity and Access Management (IAM) permission management • Generating insightful reports • Enhancing our security posture • Designing, developing and maintaining infrastructure as code (IaC) using tools like Terraform, Ansible, or CloudFormation • Writing scripts and developing automation tools to streamline repetitive tasks • Managing source code repositories using version control systems like Git • Designing, implementing, and maintaining CI/CD pipelines to automate software build, test, and deployment processes using tools like Jenkins, or CircleCI • Working with containerization technologies such as Docker and container orchestration platforms like Kubernetes • Setting up monitoring and logging solutions to track system performance, detect anomalies, and troubleshoot issues • Building dashboards and alerts to monitor system health • Creating and maintaining documentation for infrastructure configurations, deployment processes, and troubleshooting procedures • Investigating and resolving issues related to infrastructure, deployment pipelines, and application performance.