DevSecOps Project Engineer II

The ISR (Intelligence, Surveillance & Reconnaissance), Aviation, and Security (IAS) business area is a leader in ISR and aviation, it is a leading prime manned and unmanned aircraft systems integrator for innovative, high-performance ISR and aviation systems. Its end-to-end Command, Control, Computers, Communications and Intelligence, Surveillance & Reconnaissance (C4ISR) capabilities encompass design, integration, test, certification, ground/flight training and complete logistics support. IAS tailors solutions to customer cost, performance, and schedule requirements and designs to consistently exceed expectations – with an unrivaled record of on time and on (or under) budget deliveries.

Are you looking to use your engineering capabilities, project management and collective skills in your next position? We could use your expertise on our team! The DSOP / Tooling / CI-CD Project Engineer II is responsible for the technical leadership and program management of DevSecOps platform development, software toolchain integration, and continuous integration/continuous delivery (CI/CD) pipeline engineering efforts. This role bridges the gap between software development teams, platform/infrastructure stakeholders, and program management — driving the build, deployment, and sustainment of automated software delivery pipelines in classified and unclassified environments. The DevSecOps PE ensures tooling solutions meet program requirements for security, compliance, scalability, and operational readiness.

Responsibilities:

Project Management

• Develop and manage detailed project plans, sprint/release schedules, and budgets for DSOP and tooling initiatives.

• Manage cross-functional delivery teams comprising software engineers, platform engineers, and security specialists.

• Track delivery milestones, manage backlog priorities, and communicate status to program and customer stakeholders.

Technical Oversight

• Architect, implement, and oversee CI/CD pipelines supporting automated build, test, security scanning, and deployment workflows.

• Define and enforce DevSecOps standards including SAST/DAST integration, software composition analysis (SCA), and container image scanning.

• Lead selection, procurement, integration, and maintenance of software toolchains (e.g., GitLab, Jenkins, Artifactory, SonarQube, Jira, Confluence, Kubernetes).

• Oversee platform-as-code practices including infrastructure-as-code (IaC), configuration management, and environment-as-code.

• Ensure pipelines and tooling comply with NIST 800-53, CMMC, RMF, and applicable cyber security frameworks.

• Support accreditation activities (ATO processes) by documenting pipeline controls and providing technical evidence to ISSO/ISSM.

Customer Interface

• Serve as the primary technical point of contact for customers and end-users regarding DevSecOps capabilities and tooling roadmaps.

• Facilitate tool onboarding, developer enablement, and adoption efforts across multiple program teams.

• Present pipeline maturity metrics, deployment velocity, and quality gate status at program reviews.

Status Reporting

• Prepare comprehensive status reports covering pipeline health, tool availability, delivery throughput, security posture, and open risks.

• Maintain dashboards and metrics that reflect DORA metrics (deployment frequency, lead time, MTTR, change failure rate).

Issue Resolution

• Identify systemic pipeline failures, tool integration bottlenecks, or security compliance gaps and develop rapid resolution plans.

• Own the DSOP Risk Register — document toolchain risks, supply chain software risks, and dependency vulnerabilities.

• Develop contingency strategies for pipeline outages, tool end-of-life transitions, and accreditation gaps.

Continuous Improvement

• Drive continuous improvement of pipeline speed, quality gate effectiveness, and developer experience.

• Evaluate and pilot emerging DevSecOps tools and practices; present cost-benefit analyses to leadership.

• Lead shift-left security initiatives and coach development teams on secure coding and automated testing practices.

Risk Management

• Develop and manage risk identification, documentation, and mitigation planning.

Qualifications The Employee Must Have

• Bachelor's degree in Computer Science, Software Engineering, Systems Engineering, or closely related technical field.

• 10+ years of progressive engineering experience, including 2+ years in a technical lead or engineering project lead role.

• Direct, hands-on experience designing and managing CI/CD pipelines in an enterprise or program environment (GitLab CI, Jenkins, GitHub Actions, or equivalent).

• Demonstrated experience with container orchestration platforms — specifically Kubernetes and Docker — in a production or program-of-record context.

• Working knowledge of Infrastructure-as-Code tools (Terraform, Ansible, Helm, or equivalent) used operationally.

• Practical experience integrating automated security tooling (SAST, DAST, SCA, image scanning) into CI/CD workflows.

• Experience with artifact management and software supply chain security (Artifactory, Nexus, SBOM generation).

• Familiarity with RMF/ATO processes and how DevSecOps pipelines interface with accreditation requirements.

• Experience creating and managing project schedules, tracking technical tasks, and reporting status to program and customer leadership.

• Excellent written and verbal communication skills, with ability to explain complex pipeline and tooling concepts to non-technical stakeholders.

Qualifications We Prefer

• 4–6 years of DevSecOps platform leadership, engineering program management, or software project engineering experience.

• Active DoD Top Secret clearance with SCI Eligibility.

• Background in Aerospace & Defense programs with classified environment tool deployment (IL4/IL5/IL6, SIPR, or JWICS experience).

• Experience with GitOps workflows and policy-as-code frameworks (OPA, Kyverno).

• Familiarity with Platform One (P1), Iron Bank, or DoD-hardened container registries.

• CMMC Level 2/3 implementation experience or direct involvement in ATO package development.

• PMP, CSEP, or relevant cloud/DevOps certifications (CKA, AWS DevOps Pro, GitLab Certified, etc.).

• Knowledge of software factory architectures and experience scaling CI/CD to multi-team, multi-repo programs.

• Experience leading a multi-disciplinary design and development team and communicating with program management and customers.

• Familiarity with preparation and development of project estimates, technical proposals, and program cost and schedule management.

• Past history of leading baseline definition and maturation in a complex development setting, including the use of highly integrated trade studies and analysis of alternative.

• Ability to read and interpret technical drawings and schematics, parts lists, specifications, instructions and test procedure.

• Experience or certification in International Council on Systems Engineering (INCOSE) standard.

• Background in the Aerospace and Defense Industry.

Essential Functions:

• Occasional travel to customer or field locations may be required.

• Ability to work primarily in an office or hybrid environment.

• Ability to lift up to 10 pounds occasionally.

• Prolonged periods of working on a computer.

• Hand and finger dexterity for computer use.

• Capability to work in potentially hazardous environments when visiting project sites.

This posting will be open for application for a minimum of 5 days and may be extended based on business needs.

SNC offers annual incentive pay based upon performance that is commensurate with the level of the position.

SNC offers a generous benefit package, including medical, dental, and vision plans, 401(k) with 150% match up to 6%, life insurance, 3 weeks paid time off, tuition reimbursement, and more.

IMPORTANT NOTICE:

This position requires current/active Top Secret with SCI eligibility U.S. Security Clearance. U.S. Citizenship status is required as this position needs an active U.S. Security Clearance for employment. Non-U.S. Citizens may not be eligible to obtain a security clearance. The Department of Defense Consolidated Adjudications Facility (DoD CAF), a federal government agency, handles the adjudicative aspects of the security clearance eligibility process for industry applicants. Adjudicative factors which affect the outcome of the eligibility determination include, but are not limited to, allegiance to the U.S., foreign influence, foreign preference, criminal conduct, security violations and illegal drug use.

Learn more about the background check process for Security Clearances.

SNC is a global leader in aerospace and national security committed to moving the American Dream forward. We’re known and respected for our mission and execution focus, agility, and disruptive and rapid innovation. We provide leading edge technologies and transformative solutions that support our nation’s most critical security needs. If you are mission-focused, thrive in collaborative environments, and want to make our country stronger with state-of-the-art technologies that safeguard freedom, join our team!

SNC is an Equal Opportunity Employer committed to an environment free of discrimination. Employment decisions are made based on merit without regard to race, color, age, religion, sex, national origin, disability, status as a protected veteran or other characteristics protected by law.