• Partner with various NBCUniversal businesses, enterprise IT, and Cyber Security organization to ensure technology is designed and deployed securely • Function as a security subject matter expert with broad knowledge across various domains, embedded with engineering teams delivering solutions for NBCUniversal • Focus initially on security controls applicable to AI systems and other emerging technologies • Develop threat models and control strategies that are fully integrated into the design, development, and operation of new and evolving technology platforms • Collaborate across the Cyber organization and with business stakeholders, resulting in security guidance and/or mitigation requirements • Communicate the importance of key Cyber programs and services to obtain support, trust and buy-in from business and technology teams

• Perform investigation and analytics of network and host-based payloads and artifacts about an incident or digital forensics request. • Perform advanced analysis (memory forensics, database, mobile devices, etc.) • Identify processes that would benefit from automation. • Perform scripting or automation during investigative activities. • Script or automate basic processes that are performed. • Examine malicious software, such as bots, worms, and trojans to understand the nature of their threat. • Develop IOCs from the analysis of malware and populate the IOC database. • Examine artifacts from network traffic and hosts to identify threats. • Correlate additional context from threat intel during investigation and analysis. • Combine risk and vulnerability data from internal sources to overlay and provide context to existing security events, alerts, and incidents.

• Own cloud security design and enforcement on GCP • Ensure security controls scale with high data volumes and traffic • Build and operate Grafana-based security observability • Act as primary owner for cloud security incidents and audits • Embed security into DevOps and platform workflows

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description Sev1Tech is seeking a DevSecOps Engineer (Mid) to join our team. The selected candidate will support the design and engineering of a DevOps Platform to enable a shared system of systems to support software development, systems engineering, integration, and test of software applications and infrastructure in a heterogeneous environment. This effort will support the United States Navy and will be heavily focused on automation and DevSecOps. - Develops GitLab CI/CD Pipelines - Automates configurations within Kubernetes - Supports cloud networking and routing for DNS, TLS, and Ingress/Egress - Maintains and Hardens Base Images - Within Cloud Environments, support the development and documentation of risk assessment results and recommendations using identified threats, applicable vulnerabilities, and likelihood of occurrence within context of risk tolerances, providing recommendations for corrective actions and mitigation strategies. - Provide automated and manual validations of Information Assurance Controls (IACs) and Validation Procedures (VPs) in accordance with the DoD Guidelines, CNSSI 1253 and/or NIST 800 Publications. - Perform validation, troubleshooting, and documentation for DevSecOps engineering efforts. - Document processes and services for use by cloud application development teams. - Participates in Agile process to develop tasking, describe technical solutions, and test deployed systems. - Research problems discovered by quality reviews and develops solutions. - Leverages scripting and other automation tasks to manage infrastructure. - Provides inputs to technical assessments related to the cost, efficiency, and security posture of a system. - Develops system infrastructure testing procedures, programming, and documentation. - Identifies creative solutions to improve system and product offerings. - Collaborates with technical writers to create customer-relevant documentation. - Coordinates with project work teams to ensure adherence to policies, achievement of quality targets and delivery on schedule milestones. Qualifications - Six (6) years of experience to include three (3) of the following areas: Systems or Software: Requirements, Design, Development, Verification and Validation/Test & Evaluation, Integration, Build & Deployment; Systems Administration, Information Assurance, Business Analysis, Integrated Development Environment tools and Online & End-User Documentation for C4ISR systems or other federal agency IT Systems. - US Citizenship Required. - Must have DoD8570 compliant certifications (Sec+ and OS) to meet requirements for privileged access to MIP. - Valid CompTIA Security+ or equivalent certification (Minimum: DoD 8570.1-M IAT Level II), or ability to obtain within a reasonable timeframe. - High School diploma or GED. Technical Training in Information Technology (IT) or Software Application Development. - Minimum of 2+ years’ related IT experience should include DevOps/DevSecOps Engineering, CI/CD, Build & Release, SRE, Operations Engineering, Systems Integration Engineering, and/or Cloud Administration. - Prior experience evaluating/assessing systems in Government Cloud environments using DevSecOps principles with Continuous Security. - Must have a strong understanding of Infrastructure as Code and preferably hands-on experience with Terraform, AWS Cloud-Formation, or similar. - Must have experience with Docker and Rancher or Kubernetes, OpenShift, Fargate, or similar container orchestration tool(s). - Must have experience in infrastructure automation and DevOps integration. - Must have experience in developing and managing Continuous Integration and Continuous Delivery environments. Requirements - Minimum of an Active Interim Secret Clearance (DoD) / Favorable T3 Equivalent Background Investigation. Desired Qualifications - Hands-on experience with the following: Jenkins, GitLab, HashiCorp Vault, Argo CD, Red Hat Enterprise Linux, Amazon EKS. - A strong understanding and background with DISA STIGS. Company Description Founded in 2010 and recently acquired by ERT in early 2026, Sev1Tech, an ERT Company provides IT, engineering, and program management solutions delivery to critical missions across Federal and Commercial Clients. With its acquisition by ERT, Sev1Tech expanded its ability to offer secure, mission-aligned digital solutions to support modernization, resilience, and operational effectiveness for government customers operating in highly regulated mission environments. ERT and Sev1Tech together become a fully diversified engineering and federal technology solutions firm with broad reach into space, civilian, and defense markets. Please apply directly at: https://careers-sev1tech.icims.com . For questions or to submit a referral, please contact: recruiting@sev1tech.com . Sev1Tech is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.