JOBSEARCHER

Mid-Level DevSecOps Engineer

Key Personnel RequirementsThe Consultant shall provide a DevSecOps Engineer who meets the following specific requirements:Required Technical Skills• Infrastructure as Code: Hands-on experience with Terraform and OpenTofu, including module development, remote state management, and workspace management• Configuration as Code: Proficiency with Ansible, including playbook and role development, dynamic inventories, and Ansible Vault for secrets management• CI/CD: Demonstrated experience designing and maintaining GitHub Actions workflows, including reusable workflows, matrix builds, and security gate integration• Containers: Working knowledge of Docker image authoring and hardening, Kubernetes manifest and Helm chart management, and container security scanning tools (e.g., Trivy, Grype, or equivalent)• Security Integration: Familiarity with SAST tools (e.g., Semgrep, Checkov, tfsec), secrets scanning (e.g., Gitleaks, Detect-Secrets), and policy-as-code frameworks (e.g., OPA/Rego)• Version Control: Proficiency with Git-based workflows including branching strategies, pull request reviews, and protected branch enforcementPreferred Skills• Experience in a federal or highly regulated environment• Familiarity with NIST SP 800-53, FISMA, and FedRAMP compliance requirements• Cloud platform experience (AWS)• Experience with secrets management tools (e.g., HashiCorp Vault)• Scripting proficiency in Python and Bash