{"schemaVersion":"jobsearcher.job.v1","id":"31c13b60cf5d9a2a579421bf","url":"https://jobsearcher.com/jobs/31c13b60cf5d9a2a579421bf","canonicalUrl":"https://jobsearcher.com/jobs/31c13b60cf5d9a2a579421bf","title":"Software Engineer, DevSecOps Software Washington, DC","description":"Helsing develops artificial intelligence-enabled capabilities to protect and defend democracies. We build Altra, an AI-powered drone software platform, and HX-2, our autonomous drone. We are growing our US operations, cultivating an ambitious and committed team of mission-driven professionals to apply their skills to solve challenging problems.\r\nThe role\r\nYou will join the Platform Engineering team as a security-focused engineer responsible for embedding security into every layer of our developer platform and software delivery pipeline. You will own the security posture of our development environment — ensuring CMMC Level 2 compliance, hardening our software supply chain, and implementing the controls required for product teams to achieve ATO against NIST and other cybersecurity frameworks. You will work closely with platform and product engineers to build secure CI/CD pipelines, enforce policy-as-code, and maintain the shared infrastructure that all teams depend on. This role combines hands-on engineering with deep security expertise: you are not just auditing compliance, you are building the systems that make compliance automatic.\r\nThe day-to-day\r\nDeploying, updating, and securing Kubernetes workloads through ArgoCD and GitOps workflows\r\nBuilding and maintaining secure CI/CD pipelines that enforce policy, scan for vulnerabilities, and produce auditable build artifacts\r\nMaintaining and hardening shared services (GitLab, Artifactory, container registries) that the entire organization depends on\r\nImplementing and enforcing security controls aligned with CMMC L2, NIST 800-171, and other frameworks required for ATO\r\nSecuring the software supply chain: image signing, SBOM generation, dependency scanning, and provenance tracking\r\nConducting threat modeling to surface architectural risks before they become incidents\r\nDetecting, investigating, and responding to security incidents across infrastructure and applications\r\nWorking with product teams to ensure their workloads meet security and compliance requirements before and after deployment\r\nSupporting the secure hosting of ML/AI workloads, including model training environments and sensitive data handling\r\nYou should apply if you\r\nHave 5+ years of experience in DevSecOps, security engineering, or infrastructure engineering with a security focus\r\nHave a Bachelor's degree in Computer Science, Engineering, Cybersecurity, or a related field\r\nHave deep experience with Kubernetes deployment, networking, RBAC, pod and cluster security, and operational troubleshooting\r\nAre proficient with ArgoCD or similar GitOps tooling for managing Kubernetes workloads at scale\r\nHave strong experience writing and maintaining Helm charts\r\nAre proficient in Python and Bash, with experience automating security and compliance workflows\r\nUnderstand software supply chain security, including container image hardening, FIPS-validated cryptography, vulnerability scanning, SBOM, and artifact signing\r\nHave hands-on experience implementing security controls from frameworks like NIST 800-171, NIST 800-53, or CMMC\r\nAre comfortable with CI/CD pipeline design, particularly building in security gates, policy-as-code, and automated compliance checks\r\nHave working knowledge of AWS and can collaborate effectively on infrastructure decisions\r\nAre a U.S. citizen eligible to obtain a security clearance\r\nNice to have\r\nExperience with Go or other systems programming languages\r\nExperience shepherding systems through an ATO process\r\nFamiliarity with DISA STIGs and the Risk Management Framework (RMF)\r\nFamiliarity with Terraform and infrastructure-as-code for cloud resources\r\nExperience with Nix or NixOS\r\nExperience with SIEM platforms (e.g., Elastic) and security monitoring/incident response\r\nExperience securing and deploying ML/AI workloads — GPU environments, training pipelines, data classification\r\nRed teaming or penetration testing experience\r\nCertifications such as CKS, Security+, or CISSP\r\nExperience in defense, intelligence, or other regulated environments\r\nJoin Helsing and work with world-leading experts in their fields\r\nWhat we offer\r\nA focus on outcomes, not time-tracking\r\nA generous compensation and benefits package (in addition to base salary) that includes, but may not be limited to, insurance coverage (medical and travel), flexible paid time off, paid holidays, and remote and/or hybrid work available depending on position. All compensation and benefits are subject to the terms and conditions of the underlying plans or programs, as applicable and as may be amended, terminated or superseded from time to time.\r\nEqual Opportunity Employment\r\nHelsing is an Equal Opportunity Employer. We will consider all qualified applicants without regard to race, color, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, genetics, or any other characteristic protected by applicable federal, state, or local law. Please do not submit personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, data concerning your health, or data concerning your sexual orientation.\r\nJ-18808-Ljbffr","company":"Helsingai","rawCompany":"helsingai","city":"Washington","state":"DC","isRemote":false,"isActive":false,"createdAt":"2026-07-04T02:16:19.766Z","occupations":[{"code":"15-1299.08","title":"Computer Systems Engineers/Architects","slug":"computer-systems-engineers-architects"},{"code":"15-1252.00","title":"Software Developers","slug":"software-developers"},{"code":"15-1299.05","title":"Information Security Engineers","slug":"information-security-engineers"}],"industries":[{"code":"541512","title":"Computer Systems Design Services","slug":"computer-systems-design-services"},{"code":"541511","title":"Custom Computer Programming Services","slug":"custom-computer-programming-services"},{"code":"513210","title":"Software Publishers","slug":"software-publishers"}],"jobPosting":{"@context":"https://schema.org","@type":"JobPosting","title":"Software Engineer, DevSecOps Software Washington, DC","description":"Helsing develops artificial intelligence-enabled capabilities to protect and defend democracies. We build Altra, an AI-powered drone software platform, and HX-2, our autonomous drone. We are growing our US operations, cultivating an ambitious and committed team of mission-driven professionals to apply their skills to solve challenging problems.\r\nThe role\r\nYou will join the Platform Engineering team as a security-focused engineer responsible for embedding security into every layer of our developer platform and software delivery pipeline. You will own the security posture of our development environment — ensuring CMMC Level 2 compliance, hardening our software supply chain, and implementing the controls required for product teams to achieve ATO against NIST and other cybersecurity frameworks. You will work closely with platform and product engineers to build secure CI/CD pipelines, enforce policy-as-code, and maintain the shared infrastructure that all teams depend on. This role combines hands-on engineering with deep security expertise: you are not just auditing compliance, you are building the systems that make compliance automatic.\r\nThe day-to-day\r\nDeploying, updating, and securing Kubernetes workloads through ArgoCD and GitOps workflows\r\nBuilding and maintaining secure CI/CD pipelines that enforce policy, scan for vulnerabilities, and produce auditable build artifacts\r\nMaintaining and hardening shared services (GitLab, Artifactory, container registries) that the entire organization depends on\r\nImplementing and enforcing security controls aligned with CMMC L2, NIST 800-171, and other frameworks required for ATO\r\nSecuring the software supply chain: image signing, SBOM generation, dependency scanning, and provenance tracking\r\nConducting threat modeling to surface architectural risks before they become incidents\r\nDetecting, investigating, and responding to security incidents across infrastructure and applications\r\nWorking with product teams to ensure their workloads meet security and compliance requirements before and after deployment\r\nSupporting the secure hosting of ML/AI workloads, including model training environments and sensitive data handling\r\nYou should apply if you\r\nHave 5+ years of experience in DevSecOps, security engineering, or infrastructure engineering with a security focus\r\nHave a Bachelor's degree in Computer Science, Engineering, Cybersecurity, or a related field\r\nHave deep experience with Kubernetes deployment, networking, RBAC, pod and cluster security, and operational troubleshooting\r\nAre proficient with ArgoCD or similar GitOps tooling for managing Kubernetes workloads at scale\r\nHave strong experience writing and maintaining Helm charts\r\nAre proficient in Python and Bash, with experience automating security and compliance workflows\r\nUnderstand software supply chain security, including container image hardening, FIPS-validated cryptography, vulnerability scanning, SBOM, and artifact signing\r\nHave hands-on experience implementing security controls from frameworks like NIST 800-171, NIST 800-53, or CMMC\r\nAre comfortable with CI/CD pipeline design, particularly building in security gates, policy-as-code, and automated compliance checks\r\nHave working knowledge of AWS and can collaborate effectively on infrastructure decisions\r\nAre a U.S. citizen eligible to obtain a security clearance\r\nNice to have\r\nExperience with Go or other systems programming languages\r\nExperience shepherding systems through an ATO process\r\nFamiliarity with DISA STIGs and the Risk Management Framework (RMF)\r\nFamiliarity with Terraform and infrastructure-as-code for cloud resources\r\nExperience with Nix or NixOS\r\nExperience with SIEM platforms (e.g., Elastic) and security monitoring/incident response\r\nExperience securing and deploying ML/AI workloads — GPU environments, training pipelines, data classification\r\nRed teaming or penetration testing experience\r\nCertifications such as CKS, Security+, or CISSP\r\nExperience in defense, intelligence, or other regulated environments\r\nJoin Helsing and work with world-leading experts in their fields\r\nWhat we offer\r\nA focus on outcomes, not time-tracking\r\nA generous compensation and benefits package (in addition to base salary) that includes, but may not be limited to, insurance coverage (medical and travel), flexible paid time off, paid holidays, and remote and/or hybrid work available depending on position. All compensation and benefits are subject to the terms and conditions of the underlying plans or programs, as applicable and as may be amended, terminated or superseded from time to time.\r\nEqual Opportunity Employment\r\nHelsing is an Equal Opportunity Employer. We will consider all qualified applicants without regard to race, color, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, genetics, or any other characteristic protected by applicable federal, state, or local law. Please do not submit personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, data concerning your health, or data concerning your sexual orientation.\r\nJ-18808-Ljbffr","datePosted":"2026-07-04T02:16:19.766Z","dateModified":"2026-07-04T02:16:19.766Z","hiringOrganization":{"@type":"Organization","name":"Helsingai","sameAs":"https://jobsearcher.com"},"jobLocation":{"@type":"Place","address":{"@type":"PostalAddress","addressLocality":"Washington","addressRegion":"DC","addressCountry":"US"}},"identifier":{"@type":"PropertyValue","name":"JobSearcher","value":"31c13b60cf5d9a2a579421bf"},"url":"https://jobsearcher.com/jobs/31c13b60cf5d9a2a579421bf"}}