Chief DevSecOps Engineer

This position is contingent upon contract award.

Professional Level 

Level E3 Engineer - The position is a senior-level engineering role responsible for independently designing, implementing, and supporting complex enterprise systems. This role provides technical leadership, supports incident response and escalation activities, and collaborates with architects, security teams, and service owners in a mission-critical federal IT environment.  

Responsibilities 

• Analyzes and defines security requirements for computer systems, which may include mainframes, workstations, and personal computers.   

• Designs, develops, engineers, and implements solutions that meet security requirements.   

• Responsible for integration and implementation of the computer system security solution.   

• Gathers and organizes technical information about an organization's mission goals and needs, existing security products, and ongoing programs in computer security.   

• Performs risk analyses of computer systems and applications during all phases of the system development life cycle.  

• Mentorship and training of junior DevSecOps Engineers.  

• Leads the strategic design, implementation, and continuous improvement of enterprise-wide DevSecOps practices, tools, and pipelines.   

• Focuses on integrating security and compliance at every stage of the software development lifecycle, ensuring reliable, scalable, and secure delivery of applications and services.   

• Key technical leader, the Chief DevSecOps Engineer collaborates with product managers, solution architects, engineers, security teams, and IT operations to foster a culture of automation, rapid iteration, and continuous learning.   

• Champions best practices in infrastructure as code, automated testing, continuous integration/continuous delivery (CI/CD), and zero-trust architecture, while meeting stringent federal and agency-specific compliance requirements.  

Requirements 

• Bachelor’s Degree in technical discipline; 8 years of experience in lieu of degree to meet education requirement    

• 6+ years of proven experience as a DevSecOps Engineer.  

• Expertise with modern DevSecOps toolchains, cloud platforms (e.g., AWS, Azure, GCP), container orchestration (Kubernetes), and configuration management tools.  

• Strong knowledge of software security principles, secure coding practices, and experience with vulnerability scanning and remediation tools.  

• Understanding of microservices architecture, APIs, service meshes, and event-driven systems.  

• Familiarity with federal security frameworks (FISMA, FedRAMP), NIST standards (e.g., NIST SP 800-53), ATO processes, and Section 508 accessibility requirements.  

• Ability to integrate compliance controls and reporting into DevSecOps pipelines, ensuring continuous compliance monitoring and documentation.  

• Strong communication, leadership, and interpersonal skills.  

• Excellent problem-solving, critical thinking, and decision-making abilities.  

• Ability to influence and build consensus among diverse technical and business stakeholders.  

Preferred/Desired:  

• One or more of the following:   

• CKS (Certified Kubernetes Security Specialist)  

• CISSP (Certified Information Systems Security Professional)  

• AWS Certified Security – Specialty  

• CDP (Certified DevSecOps Professional)  

• CompTIA Security+