As the DevSecOps Project Lead, you will manage the end-to-end software delivery lifecycle, ensure secure deployments in DoD environments, design the DevSecOps pipeline, and integrate compliance with operational requirements.
ABOUT DEFCON AI
RESILIENCE IN THE FACE OF DISRUPTION. DEFCON AI is an insights company that leverages artificial intelligence, mathematical optimization, data analytics, and software engineering for resilient optimization of complex systems.
In today’s dynamically changing world, DEFCON AI’s technology aligns outcomes with operational goals, better decision making, and empowers customers to anticipate assess, and mitigate the impacts of disruptions.
About the Role
This is a rare opportunity to build a production deployment pipeline for mission-critical DoW software from the ground up.
As the DevSecOps Project Lead, you will own the end-to-end software delivery lifecycle—from code intake through secure, scalable production deployment. Your charter is simple but high-stakes: ensure that software can be deployed reliably, securely, and on mission timelines in DoW environments.
You will design and operate the DevSecOps pipeline, define the hosting architecture, and integrate security and compliance directly into delivery. This role spans both modern commercial DevOps practices and the realities of DoW deployment (IL-5 today with a path to IL-6), requiring you to make critical decisions across government networks, cloud environments, and hybrid architectures.
This is a senior role combining hands-on execution with system-level ownership. You will build key components directly while guiding the transition from an existing government-furnished environment to a scalable, long-term production system.
Key Responsibilities
Hosting Architecture & Production Environment
- Design and scale hosting architecture in IL-5 environments with a path to IL-6
- Evaluate and select deployment strategies across government networks, GovCloud, and hybrid platforms
- Build a production environment that supports zero-downtime deployments and enterprise-scale growth
DevSecOps Pipeline Ownership
- Design, build, and operate a modern CI/CD pipeline with integrated testing, security scanning, and compliance validation
- Establish and manage development, staging, and production environments
- Ensure alignment with DoW requirements (e.g., Iron Bank, STIGs, ACAS/OpenSCAP, FIPS)
Transition & System Consolidation
- Lead transition from incumbent contractor and government-furnished environments
- Inventory, assess, and rationalize existing services, dependencies, and infrastructure
- Simplify and consolidate architecture into a scalable, maintainable system
Release Management & Delivery Performance
- Own release cadence from capability intake through production deployment
- Ensure deployment quality through monitoring, rollback readiness, and performance metrics (e.g., uptime, failure rates)
- Support continuous delivery aligned with government timelines and operational needs
Security Integration & ATO Readiness
- Partner with Platform Security and RMF leadership to align on ATO strategy
- Ensure the pipeline generates required artifacts for authorization and continuous compliance
- Embed security and compliance into the delivery lifecycle—not as a post-deployment step
Required Qualifications
- 8+ years of DevOps/DevSecOps engineering experience, including at least one production pipeline owned end-to-end at scale
- 5+ years experience operating in DoW cloud environments (Azure Gov IL-5, AWS GovCloud, or equivalent IL-5 authorized environment). Working knowledge of DoW impact-level boundaries and the CC SRG.3
- Hands-on experience managing at least one complete ATO or cATO pathway in production.
- US Citizenship Required
- Active Secret Clearance (TS/SCI preferred)
- Willingness to travel up to 25% to USMC sites, Defcon AI HQ, and industry vendor facilities as required
Preferred Qualifications
- Active TS/SCI Clearance
- Experience supporting USMC or similar Service environments ]
- Experience transitioning systems from one contractor to another
- Experience with Iron Bank container certification
- Familiarity with platforms such as Second Front (Game Warden), Stormbreaker, or Black Pearl
- Exposure to Palantir Foundry or Anduril Lattice environment
What Success Looks Like
- A reliable, repeatable production deployment pipeline operating with a predictable cadence
- A clear, effective deployment strategy across both government and industry environments
- Seamless transition from incumbent systems with no disruption to mission capability
- ATO and compliance requirements integrated directly into the pipeline
- Infrastructure and deployment bottlenecks resolved to support enterprise-scale operations
What We Offer:
- A fully remote, results-based environment
- Competitive salary, bonus, and equity package
- 100% employer paid, comprehensive health insurance including medical, dental, and vision for you and your family
- Unlimited PTO, with your manager’s approval
- Flexible work environment where you manage your work day
- 14 weeks of fully-paid parental leave
Salary Range: $175,000-$215,000. This represents the typical salary range for this position based on experience, skills, and other factors.
We’re an Equal Opportunity Employer: You’ll receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
Applicant Data Disclosure
By submitting an application, you acknowledge that Defcon AI uses third-party service providers to facilitate its recruitment and hiring processes. These providers include applicant tracking systems, candidate verification platforms, and fraud detection tools (collectively, "Hiring Platforms"). Your application materials, including your résumé, cover letter, work samples, responses to application questions, and any other information you submit, may be transmitted to and processed by these Hiring Platforms for the following purposes:
- Managing and administering your application throughout the hiring process;
- Verifying the accuracy and authenticity of application materials, including by cross-referencing information you provide against publicly available sources and proprietary databases;
- Identifying indicators of potentially fraudulent, fabricated, or materially misleading application content, including but not limited to discrepancies between submitted materials and publicly available professional profiles, geographic anomalies, and fabricated work histories.
Applications that are flagged through this process as containing indicators of fraud or material misrepresentation may be declined from further consideration. If you have questions about the status of your application or the evaluation process, please contact [email protected].
Defcon AI requires its Hiring Platform providers to process your information solely for the purposes described above and in accordance with applicable law. Your information will be retained only for as long as necessary to fulfill these purposes and any applicable legal obligations, after which it will be deleted in accordance with Defcon AI's data retention policies.
For more information about how your data is used, please refer to our Privacy Policy and Applicant Privacy Notice.
Similar Jobs
Fintech • Payments • Financial Services
The role involves leading the DevSecOps pipeline for DoD software, overseeing deployment architecture, ensuring security and compliance, and managing production environments.
Top Skills:
Aws GovcloudAzure GovCi/CdCloud EnvironmentsDevsecopsIron BankSecurity Compliance
.png)
Cloud • Insurance • Payments • Software • Business Intelligence • App development • Big Data Analytics
Lead design and deployment of AI agents and automation across customer delivery, defining ROI and performance metrics, building RAG/LLM solutions, creating an AI playbook for CX teams, and partnering with Product and Engineering to drive adoption and quality in implementations.
Top Skills:
Agentic FrameworksAutogptLangchainLlmsPrompt EngineeringRetrieval-Augmented Generation (Rag)
Artificial Intelligence • Fintech • Payments • Business Intelligence • Financial Services • Generative AI
Lead the global obligations management function: design and maintain a centralized obligations register, map legal and partner mandates to controls, manage RFI knowledge base and audit register, ensure traceability and remediation, partner with regional legal/compliance/audit teams, and scale the team and GRC tooling to replace manual trackers.
What you need to know about the Colorado Tech Scene
With a business-friendly climate and research universities like CU Boulder and Colorado State, Colorado has made a name for itself as a startup ecosystem. The state boasts a skilled workforce and high quality of life thanks to its affordable housing, vibrant cultural scene and unparalleled opportunities for outdoor recreation. Colorado is also home to the National Renewable Energy Laboratory, helping cement its status as a hub for renewable energy innovation.
Key Facts About Colorado Tech
- Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
- Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
- Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
- Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
- Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute
