Sr. DevSecOps Engineer
ARCHIVED
We can't find an active application page for this role right now. It may reopen or be listed elsewhere. Use Next Steps to search for an active apply link and similar live jobs.
Overview
SR. DEVSECOPS ENGINEER (PACMED):
Bowhead seeks a Sr. DevSecOps Engineer to support operational systems integration, development, test, evaluation, operation, sustainment, and maintenance using technologies and acquisition management to support technical, ancillary, and clinical support to military medical treatment facilities in the Pacific Region. This position will support building a next-generation automated compliance and AI‑driven security operations platform supporting DoD, federal health, and enterprise health‑care environments. The Sr. DevSecOps Engineer will provide deep experience in DISA STIGs, SCAP automation, RMF workflows, container security, SIEM/SOAR integrations, and AI‑assisted security operations.
Responsibilities
SCAP / STIG Automation
Build automated OpenSCAP pipelines to scan Ubuntu 24.04 LTS and other Linux hosts using DISA STIG benchmarks.
Integrate XCCDF and OVAL results into OpenRMF using automated ingestion workflows.
Develop hardened base images (VMs and containers) aligned to DISA STIG requirements.
Container Security
Integrate RapidFort scans into CI/CD pipelines.
Automate ingestion of SCAP JSON into OpenRMF.
Ensure curated images remain compliant and low‑CVE.
Compliance Operations (RMF/FedRAMP/CMMC)
Support generation of automated DISA checklists (CKLs) and POA&M updates.
Work with compliance and engineering teams to resolve findings and track remediation progress via OpenRMF.
Security Telemetry & SIEM Engineering
Deploy/tune Wazuh agents across hosts and workloads.
Configure pipelines from Wazuh to Elastic to Tines.
Write and maintain Elastic SIEM detection rules.
SOAR Automation & AI SOC Buildout
Develop Tines workflows to automate:
SCAP ingestion
RapidFort event processing
Elastic SIEM alert enrichment
Compliance notifications & ticketing
Integrate LLMs to:
Summarize alerts
Draft POA&M entries
Generate remediation guidance
Produce daily/weekly SOC and compliance reports
Infrastructure & DevSecOps
Contribute to secure CI/CD pipelines, secrets management, system hardening, logging, and access control aligned with DoD RMF.
Qualifications
Must-Have Technical Expertise
Five to ten (10+) years Linux engineering with security hardening focus
Hands‑on experience with OpenSCAP, DISA STIGs, SCAP benchmarks, and STIG automation
Experience working with OpenRMF (or similar RMF automation platforms)
Strong knowledge of RMF, FedRAMP, or CMMC
CI/CD pipeline experience (GitLab CI, GitHub Actions, Jenkins, etc.)
Hands‑on experience with Elastic Stack and Wazuh
Experience deploying or integrating SOAR platforms (Tines preferred; XSOAR or Splunk SOAR acceptable)
Container security experience (RapidFort, Anchore, Trivy, Aqua, etc.)
Bonus Skills
Familiarity with ATO workflows (IL4/IL5, DoD impact levels)
AI integration experience using OpenAI, Azure OpenAI, or similar
Python or Bash scripting for automation
Experience with NIST 800‑53, CNSSI 1253, or DoD Cybersecurity standards
Soft Skills
Ability to lead architecture decisions and mentor others
Strong communicator capable of translating compliance needs into technical workflows
Able to operate independently in a fast‑paced federal/healthcare environment
Comfortable producing documentation for audits and ATO packages
Physical Demands:
Must be able to lift up to 20 pounds
Must be able to stand and walk for prolonged amounts of time
Must be able to twist, bend and squat periodically
SECURITY CLEARANCE REQUIREMENTS: Must be able to obtain a security clearance at the Public Trust level. US Citizenship is a requirement.
#J-18808-Ljbffr