Parsons Corporation Logo

Parsons Corporation

Senior DevSecOps Engineer

Posted 3 Hours Ago
Be an Early Applicant
In-Office
Boulder, CO, USA
148K-267K Annually
Senior level
In-Office
Boulder, CO, USA
148K-267K Annually
Senior level
Lead DevSecOps for a classified space program: architect secure cloud/on‑prem environments, build and operate CI/CD pipelines, container orchestration, RHEL administration, integrate security tooling (SAST/DAST/SCA), enforce policy-as-code, support RMF A&A, and collaborate across engineering, cybersecurity, and operations to deliver secure mission systems.
The summary above was generated by AI
In a world of possibilities, pursue one with endless opportunities. Imagine Next!

 

At Parsons, you can imagine a career where you thrive, work with exceptional people, and be yourself. Guided by our leadership vision of valuing people, embracing agility, and fostering growth, we cultivate an innovative culture that empowers you to achieve your full potential. Unleash your talent and redefine what’s possible.

 

Job Description:

Parsons is looking for a sharp Senior DevSecOps Engineer to join our growing team in Boulder, CO!

In this fully onsite role, you will be a hands-on technical leader for a small, fast-moving program team supporting a classified space portfolio. You will drive DevSecOps practices across multiple projects, architect secure-by-design solutions, and build and maintain robust CI/CD pipelines and infrastructure that meet stringent mission and security requirements. This role is ideal for a self-starter who is comfortable leading, coding, automating, and collaborating across engineering, cybersecurity, and operations teams.

What You’ll Be Doing:

  • Lead DevSecOps initiatives across multiple enclaves and projects, serving as a primary technical point of contact for secure software and infrastructure delivery
  • Architect, implement, and maintain secure cloud and on-prem environments using Infrastructure as Code toolsets such as Terraform, Ansible, CloudFormation, or Pulumi
  • Design, build, and operate automated CI/CD pipelines (e.g., GitLab CI, GitHub Actions, Azure DevOps, Jenkins) with integrated security controls including SAST, DAST, SCA, container image scanning, and secret management
  • Implement, harden, and manage containerized workloads using Docker and Kubernetes (including RKE2, OpenShift, or Rancher), leveraging Helm, Kustomize, and umbrella charts to deploy and manage complex, multi-service systems
  • Provide expert Linux systems administration on Red Hat Enterprise Linux , including troubleshooting issues across storage, operating systems, applications, and networks in classified or mission-critical environments
  • Integrate security into the SDLC by enforcing secure coding practices, performing code and pipeline reviews, and mentoring developers on DevSecOps and application security principles (including OWASP Top 10)
  • Establish and maintain observability capabilities (logging, metrics, tracing, alerting) to support reliability, incident response, and performance monitoring for mission systems
  • Identify, prioritize, and drive remediation of vulnerabilities across applications, containers, hosts, and infrastructure, in alignment with NIST  controls and DoD DevSecOps guidance
  • Implement and maintain DAST and SAST tools in coordination with ISSOs, system security engineers, and development teams to support RMF Assessment and Authorization (A&A) efforts and continuous monitoring
  • Utilize and manage binary registries (e.g., Artifactory, Harbor, Docker Registry, Nexus) and package repositories in secure environments, ensuring compliance with program policies and security baselines
  • Support and enhance compliance- and policy-as-code solutions (e.g., OPA, Conftest, Checkov) to enforce security baselines, configuration standards, and deployment guardrails across Kubernetes, cloud, and IaC artifacts
  • Collaborate with systems engineering, cybersecurity, operations, and vendor teams to ensure software and infrastructure designs meet security, performance, availability, and accreditation requirements
  • Support and contribute to program documentation and security artifacts, including architecture and deployment documentation, security plans, DevSecOps process documentation, and material for technical reviews and readiness events
  • Work with Product Owners and Scrum Masters to translate security and DevSecOps requirements into actionable user stories and tasks; support Agile ceremonies and iterative delivery of secure capabilities
  • Drive continuous improvement in automation, tooling, and processes to increase deployment frequency, reduce change failure rates, and strengthen the overall security posture of the program

What Required Skills You’ll Bring:

  • Active DoD Secret clearance, with eligibility and willingness to obtain TS/SCI
  • 10+ years of professional experience, with additional education able to count towards total years of experience. Potential flexibility pending Customer approval.
  • Bachelor’s degree, or additional years of experience in lieu of a degree
  • Professional software/DevSecOps experience in mission-critical defense, space, or aerospace environments; familiarity with DoD DevSecOps, Agile, NIST controls, and OWASP Top 10
  • Strong Linux (RHEL) administration and scripting skills (Bash, Python)(Bash, Python), including system hardening, automation, and troubleshooting across storage, OS, application, and network layers
  • Proficiency in at least one major programming language (e.g., Java, C#, Python, Go, JavaScript/TypeScript) and associated frameworks, plus Git-based workflows and collaboration tools
  • Hands-on experience with containers and orchestration (Kubernetes with RKE2, OpenShift, or Rancher) and managing binary/container registries (Artifactory, Docker Registry, Harbor, Nexus)
  • Expertise in DevOps/DevSecOps practices: CI/CD pipeline design and operation, integrating security controls (SAST, DAST, SCA, container scanning, secret management), and secure SDLC implementation
  • Advanced Infrastructure as Code and cloud skills: Terraform, Ansible, CloudFormation, Pulumi; building and managing AWS/Azure/GCP environments with monitoring/observability
  • Experience with policy-as-code and compliance-as-code solutions (e.g., OPA, Conftest, Checkov)

What Desired Skills You Might Bring:

  • Prior experience supporting classified space or defense programs
  • Familiarity with Model-Based Systems Engineering (MBSE) tools and methods
  • Experience with systems engineering processes, including requirements analysis, design, integration, verification, and validation
  • Experience with configuration management and maintaining traceability between software baselines, infrastructure code, and DevSecOps artifacts
  • Experience with test automation and GitLab CI/CD or similar CI/CD platforms
  • Experience supporting AI/ML application infrastructure and associated data pipelines in secure environments
  • Experience with virtualized hosts and platforms (e.g., VMware)
  • Basic network understanding and diagnostics, including TCP/IP, routing, firewalls, and VPNs
  • Experience writing or contributing to acquisition and program documents such as architecture/design volumes, IMP/IMS, RFP responses, and technical proposals
  • Relevant certifications, such as: Cloud: AWS/Azure/GCP Architect or DevOps Engineer, DevOps/DevSecOps: Kubernetes (CKA/CKS), CI/CD tooling certifications, Security: CISSP, CCSP, CSSLP, Security+, or equivalent

Security Clearance Requirement:

An active Secret security clearance is required for this position.​

This position is part of our Federal Solutions team.

The Federal Solutions segment delivers resources to our US government customers that ensure the success of missions around the globe. Our intelligent employees drive the state of the art as they provide services and solutions in the areas of defense, security, intelligence, infrastructure, and environmental. We promote a culture of excellence and close-knit teams that take pride in delivering, protecting, and sustaining our nation's most critical assets, from Earth to cyberspace. Throughout the company, our people are anticipating what’s next to deliver the solutions our customers need now.

Salary Range: $148,300.00 - $266,900.00

We value our employees and want our employees to take care of their overall wellbeing, which is why we offer best-in-class benefits such as medical, dental, vision, paid time off, 401(k), life insurance, flexible work schedules, and holidays to fit your busy lifestyle!

This position will be posted for a minimum of 3 days and will continue to be posted for an average of 30 days until a qualified applicant is selected or the position has been cancelled.

Parsons is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability, veteran status or any other protected status.

We truly invest and care about our employee’s wellbeing and provide endless growth opportunities as the sky is the limit, so aim for the stars! Imagine next and join the Parsons quest—APPLY TODAY!

Parsons is aware of fraudulent recruitment practices. To learn more about recruitment fraud and how to report it, please refer to https://www.parsons.com/fraudulent-recruitment/.

Similar Jobs

3 Days Ago
In-Office
Denver, CO, USA
120K-160K Annually
Senior level
120K-160K Annually
Senior level
Information Technology • Internet of Things • Software
Design, build, and secure end-to-end DevSecOps pipelines for safety-critical, air-gapped military aircraft software. Implement containerization and Kubernetes on disconnected on‑prem environments, manage IaC, build systems, and Linux toolchains, collaborate across engineering, security, and IT, and support secure software deployment and certification artifacts.
Top Skills: AnsibleBitbucketBuildrootCi/CdCmakeConfluenceContainerizationDo-178GitlabHelmJIRAKubernetesMakePythonRhelRtosTerraformYamlYoctoZero-Trust
7 Days Ago
In-Office or Remote
2 Locations
180K-198K Annually
Senior level
180K-198K Annually
Senior level
Events • Kids + Family • Logistics • Other • Productivity • Software • Database
Own end-to-end security for Campminder: architect and harden identity, access, and cloud-native infrastructure; integrate SAST/DAST/SCA into CI/CD; manage vulnerability scanning, WAF, EDR/DLP and SIEM/XDR; administer secrets and vaults; execute PCI technical controls and ASV scans; harden containers and Kubernetes; coordinate pen tests and remediation; run security awareness training and maintain AI governance.
Top Skills: AsvAuth0Azure Conditional AccessCi/CdContainer SecurityDastDlpEdrImage ScanningKnowbe4KubernetesMfaMondooOktaPciPolicy-As-CodeSaqSastScaSecrets ManagementSecurity JourneySecuritymetricsSIEMVault-Based StorageWafXdrZero Trust
9 Days Ago
In-Office
Denver, CO, USA
82K-172K Annually
Senior level
82K-172K Annually
Senior level
Information Technology • Consulting • Defense
Design, implement, and manage RF ground systems infrastructure using Kubernetes and cloud platforms. Build and maintain CI/CD pipelines, automate tasks with Python/Shell, apply DevSecOps security practices, participate in incident response, ensure compliance, and collaborate with development, operations, and security teams.
Top Skills: Argo CdAWSAzureBashCi/CdCloudFormationContainerizationDockerGCPGithub ActionsGithub WorkflowsGitlabGrafanaHelmJenkinsKubernetesPodmanPrometheusPythonShellTerraform

What you need to know about the Colorado Tech Scene

With a business-friendly climate and research universities like CU Boulder and Colorado State, Colorado has made a name for itself as a startup ecosystem. The state boasts a skilled workforce and high quality of life thanks to its affordable housing, vibrant cultural scene and unparalleled opportunities for outdoor recreation. Colorado is also home to the National Renewable Energy Laboratory, helping cement its status as a hub for renewable energy innovation.

Key Facts About Colorado Tech

  • Number of Tech Workers: 260,000; 8.5% of overall workforce (2024 CompTIA survey)
  • Major Tech Employers: Lockheed Martin, Century Link, Comcast, BAE Systems, Level 3
  • Key Industries: Software, artificial intelligence, aerospace, e-commerce, fintech, healthtech
  • Funding Landscape: $4.9 billion in VC funding in 2024 (Pitchbook)
  • Notable Investors: Access Venture Partners, Ridgeline Ventures, Techstars, Blackhorn Ventures
  • Research Centers and Universities: Colorado School of Mines, University of Colorado Boulder, University of Denver, Colorado State University, Mesa Laboratory, Space Science Institute, National Center for Atmospheric Research, National Renewable Energy Laboratory, Gottlieb Institute

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account