An engineering firm that delivers high-quality Healthcare IT, Cybersecurity, and Telecommunication solutions.
Senior DevSecOps Engineer
Location
United States
Posted
12 hours ago
Salary
$106.3K - $136K / year
Seniority
Senior
Job Description
Senior DevSecOps Engineer
eSimplicity
• Partner with the development team to implement secure engineering patterns, maintain secure CI/CD pipelines, and remediate vulnerabilities, including contributing code, configuration, pipeline changes, and infrastructure updates where appropriate. • Design and maintain security gates for code quality, dependency scanning, container image scanning, secrets detection, infrastructure misconfiguration, and policy compliance. • Support Kubernetes and container security for AWS EKS environments, including image hardening, admission controls, runtime monitoring, network policies, workload identity, secrets management, and least-privilege access patterns. • Support controls for new tooling/integration usage, the handling of sensitive data, and access controls. • Help define and enforce secure-by-default engineering standards across the application, infrastructure, and delivery pipeline. • Help drive the move toward ATO and near-real-time compliance. • Implement monitoring of production runtime environments for vulnerabilities and compliance drift and make security and compliance reporting available on demand. • Translate security findings into actionable engineering work items in JIRA and support teams through remediation, validation, and closure. • Identify, document, and communicate security risks tied to modernization efforts • Monitor cloud environments using AWS tools • Participates in Agile processes including daily standups, demos, retrospectives, and sprint planning • Collaborates with a fully integrated Agile team to deliver continuous improvement to designs, processes, and standards
Job Requirements
- Bachelor’s degree and four (4) years of specialized information technology experience; OR In lieu of bachelor’s degree, eight (8) years of relevant information technology experience, with at least four (4) years in a specialized experience
- Must be a United States citizen
- Ability to obtain and maintain a Public Trust clearance
- Hands-on experience building and maintaining secure CI/CD pipelines, including automated security testing, vulnerability scanning, secrets detection, artifact signing, and release gates.
- Experience with security automation tools such as SAST, SCA, DAST, container scanning, IaC scanning, secrets scanning, SBOM generation, and policy-as-code.
- Ability to write scripts, pipeline logic, configuration, or automation in support of security and compliance objectives.
- Hands-on experience securing AWS cloud environments including EKS, S3, VPC, Security Hub, Inspector, WAF, and Secrets Manager
- Experience producing security and compliance evidence for federal environments, including continuous monitoring artifacts, control evidence, vulnerability reports, and audit-ready documentation
- Understanding of the Authority to Operate (ATO) process, including POA&Ms and continuous monitoring.
- Understanding of federal security frameworks such as NIST RMF
- Experience working on a fully integrated Agile product team
- Strong documentation and problem-solving skills
- Ability to work in a fast-paced, team-oriented environment
- Experience with Atlassian Jira/Confluence
Benefits
- medical, dental, and vision coverage
- 401(k) retirement benefits
- paid time off
- paid holidays
- life and disability insurance
- additional wellness and employee support programs
Related Guides
Related Categories
Related Job Pages
More DevOps Engineer Jobs
Senior DevSecOps Engineer
Coates GroupCreating Connections, Empowering Partnerships, Always Evolving.
• Contribute to a strong DevOps and DevSecOps culture across engineering teams. • Design, build and maintain secure, scalable and reliable cloud infrastructure and CI/CD platforms. • Manage and support AWS environments, Linux-based systems and global device platforms. • Embed security controls, automation and compliance practices into engineering workflows. • Lead vulnerability management, security remediation and cloud security improvement initiatives. • Monitor platform health, performance and security, responding to incidents and operational events. • Research, recommend and implement platform, security and operational improvements. • Provide technical leadership, mentoring and guidance to engineers and development teams. • Collaborate with DevOps, Security, Architecture and Application teams to deliver business outcomes.
• Maintain the reliability, availability, and performance of production and pre-production environments. • Monitor platform health and improve alerting, automation, and operational processes. • Respond to production incidents, participate in root cause analysis, and implement long-term improvements. • Design, build, and enhance observability solutions using metrics, logs, traces, and dashboards. • Partner with software engineers to improve application reliability throughout the development lifecycle. • Develop and maintain operational documentation, troubleshooting guides, and runbooks. • Automate repetitive operational tasks to improve efficiency and reduce manual intervention. • Participate in on-call rotations while continuously improving incident response processes. • Promote reliability engineering principles, operational excellence, and continuous improvement across engineering teams.
• Maintain the reliability, availability, and performance of production and pre-production environments. • Monitor platform health and improve alerting, automation, and operational processes. • Respond to production incidents, participate in root cause analysis, and implement long-term improvements. • Design, build, and enhance observability solutions using metrics, logs, traces, and dashboards. • Partner with software engineers to improve application reliability throughout the development lifecycle. • Develop and maintain operational documentation, troubleshooting guides, and runbooks. • Automate repetitive operational tasks to improve efficiency and reduce manual intervention. • Participate in on-call rotations while continuously improving incident response processes. • Promote reliability engineering principles, operational excellence, and continuous improvement across engineering teams.
• Own and evolve the Azure-based API Platform that powers the company's compounding operations. • Operate private AKS clusters and implement admission controllers. • Enforce image signing and scanning within the CI/CD pipelines. • Design deployment strategies such as blue-green and canary rollouts with pre-deploy security gates. • Own cost optimization across all environments. • Maintain documented wake-up processes with defined SLAs. • Manage monitoring and observability tooling. • Lead cross-functional conversations (security, developers, CTO) about phased rollouts across subscriptions, bringing cost data, risk context, and an infrastructure plan that leaves everyone aligned. • Reframe problems strategically rather than just executing tasks.



