8(a) HUBZone IT consultancy w/ advanced partnerships w/ Amazon Web Services, Microsoft Azure & Google Cloud Platform
DevSecOps Engineer, Cloud
Location
United States
Posted
2 days ago
Salary
0
Seniority
Senior
Job Description
DevSecOps Engineer, Cloud
Simple Technology Solutions
• own the deployment infrastructure and security controls for a large-scale federal cloud platform on AWS • Design, build, and maintain the program's CICD pipeline using AWS CloudFormation templates and GitHub • automate deployments to staging and production environments ensuring all deployments execute with a single command • Configure and maintain IAM roles, network controls, and application-layer security controls across development, staging, and production environments • Integrate automated security scanning into the CICD pipeline • Ensure security scans are completed at least once per sprint • Conduct periodic load and performance testing • Support disaster recovery exercises and actual events to ensure production data loads continue as expected • Ensure compliance with FISMA, NIST 800-53, OWASP ASVS Level 2 • Maintain alignment with agency cloud well-architected principles • Participate in 2-week sprint ceremonies, quarterly PI planning, and agile delivery using JIRA and GitHub • Manage the Change Control Board (CCB) submission process.
Job Requirements
- US Citizenship is required
- Bachelor's Degree is required
- minimum of 4 years' position related experience is required
- hands-on experience with AWS CloudFormation, Infrastructure-as-Code deployments, and AWS Service Catalog in a FedRAMP-authorized environment
- Direct experience with AWS services: Lambda, Glue, S3, CloudWatch, Secrets Manager, SNS, SQS, EventBridge, Step Functions, EC2, and EMR
- Experience building and maintaining CI/CD pipelines using GitHub Actions or GitLab CI with branch-based deployment models
- Demonstrated knowledge of Zero Trust Architecture and experience implementing ZTA on AWS per federal mandates
- Experience with IAM role management, Secrets Manager credential patterns, and certificate management across multi-environment setups
- Knowledge of FISMA, NIST 800-53, and the federal SDLC/ATO process; federal agency experience strongly preferred
- Familiarity with Immutable Architecture principles and single-command deployment standards.
Benefits
- flexibility to help them thrive personally and professionally
- collaboration and continuous learning
- recognized as a “Best Place to Work”
- special incentives for team members living in qualified HUBZones
Related Guides
Related Categories
Related Job Pages
More DevOps Engineer Jobs
Practice Lead, DevSecOps
GuidePoint SecurityWe help organizations make smarter cybersecurity decisions that minimize risk.
• Delivering professional technology solutions services in an enterprise level consultative role focused on Vulnerability Management, Cloud Security, Application Security, and AI • Proactively works to mature the practice, including improving/finalizing existing offerings focused on vulnerability management, creating new offerings, and mentoring team members • Author comprehensive business and technical collateral to support the practice that is proficiently tailored to both technical and managerial audiences • Support sales efforts through conference speaking, blog/white paper authoring, and podcast speaking/producing • Establish working relationships with the sales team to help sales drive services opportunities • Work with the Security Architecture team to provide presales support and leadership to develop opportunities for the practice • Manage scaling a team of technical resources including training plans for professional and personal growth, proper resources for staffing engagements, tracking and communication of team and Key Performance Indicators (KPIs) • Build and manage relationships with key vendors and evaluate new tech related to the practice and its underlying pillars • Work with Key OEM partners to help position GPS value as a core partner for vulnerability management opportunities • Work with Security Consulting/Information Assurance Team to create joint offerings across Application Security, Cloud Security, IAM, GPVUE, GRC, TAS, DFIR, etc. • Work with Regional TS (AppSecaaS, VMaaS, etc) teams to coordinate go-to-market efforts to ensure consistency of messaging, delivery methodology, and outcomes for customers across GuidePoint. • Assist with developing overall Microsoft security services strategy and adoption services for Defender, O365, ATP, AIP, etc.
Senior DevOps, AWS
GFT TechnologiesAs a pioneer for digital transformation GFT develops sustainable solutions across new technologies.
• Liderar a instrumentação ponta a ponta de métricas, logs estruturados e tracing distribuído, garantindo visibilidade holística do ecossistema. • Implementar, evoluir e gerenciar ferramentas de Application Performance Monitoring para identificar gargalos de código e otimizar proativamente a experiência do usuário. • Definir, implementar e monitorar SLIs, SLOs e Error Budgets, atuando como embaixador da disponibilidade e auxiliando os times a equilibrar a velocidade de inovação com a estabilidade produtiva. • Planejar, arquitetar e executar experimentos práticos de Engenharia do Caos (Chaos Engineering) para validar hipóteses de falha e blindar a arquitetura contra incidentes reais. • Desenhar e gerenciar políticas de alertas preditivos e inteligentes, focando na eliminação da fadiga de alertas e garantindo respostas ultra-rápidas a incidentes críticos. • Atuar de forma transversal apoiando tanto a sustentação de pipelines complexos de Engenharia de Dados quanto as arquiteturas de microsserviços de Backend (APIs REST) hospedadas na AWS.
Senior Site Reliability Engineer
CircleThe all-in-one community platform for creators and brands. https://circle.so/
• Act as a first responder for system incidents and outages, helping Circle stay highly available and performant • Own and evolve our monitoring, alerting, and log management systems • Manage and optimize our database infrastructure (including MySQL, Postgres, Clickhouse, and Redis) • Maintain and improve our server infrastructure and deployment pipelines • Collaborate closely with engineering teams to build scalable, resilient systems • Contribute to internal SRE tooling and automation efforts
DevOps Engineer, Fluent Ukrainian
SupportYourAppSupport-as-a-Service that helps companies scale faster by taking care of their customers’ needs.
• Будувати, підтримувати та оптимізувати CI/CD pipelines для веб-продуктів, сайтів та внутрішніх сервісів компанії у Jenkins та GitLab CI/CD • Підтримувати поступову міграцію deployment processes з Jenkins на GitLab CI • Забезпечувати стабільні, repeatable та predictable deployments з rollback-механізмами і мінімальною кількістю manual steps • Налаштовувати та підтримувати Docker-based runtime environments для web applications та сервісів • Стандартизувати Docker, docker-compose, deployment scripts та runtime-конфігурації, щоб рішення не потребували регулярного rework • Адмініструвати Linux-сервери у production-середовищі: налаштування, patch management, troubleshooting, performance analysis • Автоматизовувати infrastructure setup, configuration management та maintenance-процеси через Ansible і Bash • Підтримувати web infrastructure: Nginx, SSL/TLS, reverse proxy, routing, Cloudflare, DNS, caching та базові security rules • Налаштовувати, підтримувати та покращувати monitoring, logging та alerting для production systems • Аналізувати deployment failures та production incidents, визначати root cause і пропонувати preventive actions • Підтримувати backup/restore, monitoring та базове troubleshooting для MySQL/PostgreSQL • Забезпечення reliability та stability production systems • Аналіз production incidents, проведення root cause analysis та впровадження preventive actions • Участь у post-incident reviews та підготовка технічних висновків після інцидентів • Впроваджувати та підтримувати security practices для Linux і web infrastructure: hardening, контроль доступів, оновлення, закриття вразливостей • Документувати інфраструктурні рішення, deployment workflows, конфігурації та важливі зміни • Узгоджувати production changes з командою, попереджати про ризики та не вносити критичні зміни без прозорої комунікації • Проактивно виявляти слабкі місця в deployment, infrastructure та application architecture, які можуть призвести до нестабільності, та ініціювати їх усунення.
