• Promote DevOps culture within the project, driving process automation • Build and maintain infrastructure as code • Implement CI/CD pipelines • Support cloud environments • Ensure reliability, scalability, and security of applications and platforms • Contribute to an agile and efficient development journey • Develop and maintain backend applications using Java • Manage and automate infrastructure in cloud environments (AWS and Azure) • Administer, monitor, and optimize development, staging, and production environments • Create and manage containerized environments using Docker and Kubernetes • Apply Infrastructure as Code (IaC) practices • Administer web servers and relational and non-relational databases • Implement and maintain monitoring, observability, and troubleshooting solutions • Ensure environment security by applying DevSecOps practices • Perform incident analysis, problem resolution, and continuous system improvements • Participate in rollouts, deployments, and changes in production environments • Share technical knowledge and support the growth of development and operations teams

• Support the design, implementation, and maintenance of secure technology solutions within the federal government • Design, implement, and maintain security controls across cloud and on-premises environments • Conduct security assessments, vulnerability analysis, and risk evaluations of applications, infrastructure, and systems • Support continuous monitoring activities, including security event analysis and incident response efforts • Develop and maintain security documentation, including System Security Plans (SSPs), security procedures, and risk assessments • Assist with Authorization to Operate (ATO) activities and ongoing compliance requirements • Design, implement, and maintain secure CI/CD pipelines supporting application development and infrastructure deployments • Integrate automated security testing into the software development lifecycle • Develop Infrastructure as Code (IaC) solutions using tools such as Terraform, CloudFormation, or Ansible • Automate security controls, compliance checks, and deployment processes • Support Kubernetes, Docker, and cloud-native application deployments • Analyze security findings and develop remediation recommendations • Support vulnerability management activities, including tracking, prioritization, and remediation verification • Participate in security audits and assessments conducted by internal and external stakeholders • Monitor emerging threats and recommend improvements to security posture.

• Lead a short-term engagement focused on establishing secure secrets management patterns • Strengthen application security practices • Create repeatable DevSecOps standards across a modern Azure-based environment • Serve as a trusted advisor and hands-on technical leader • Partner with engineering and architecture teams to assess current-state practices and identify security gaps • Design future-state patterns and implement foundational security controls • Improve SDLC controls and create reusable guidance that can be adopted across multiple teams and applications

• Design, implement, and maintain automated CI/CD pipelines that carry code from development through security scanning, compliance validation, and deployment into Navy and DoD environments • Build and maintain hardened Kubernetes environments aligned to DISA STIG requirements across cloud and restricted network deployment contexts • Automate security artifact generation including SBOM production, CVE scanning, and continuous compliance validation • Drive adoption of Infrastructure as Code, GitOps practices, and controls-as-code across the team • Leverage AI tooling to accelerate pipeline development, vulnerability triage, compliance remediation, and operational documentation • Partner closely with software engineers, systems engineers, and ISSEs to embed security and compliance requirements from the start of development • Maintain and evolve deployment infrastructure across multiple secure environments, including cloud and air-gapped or intermittently connected contexts • Support ATO processes through automated evidence generation, documentation as code, and direct collaboration with the security team • Establish and promote standards for pipeline design, container security, secrets management, and deployment consistency • Contribute to feature development when team capacity requires, applying security-first development practices to application code • Maintain operational documentation including runbooks, deployment guides, and architecture diagrams as version-controlled artifacts