Senior DevSecOps Engineer

Location Mechanicsburg, PA Work Arrangement Hybrid 60% Remote / 40% On-Site Schedule 8 hrs/day, 5 days/wk, 40 hrs/wk Contract 05/18/2026 - 06/30/2026. Historically, these roles are extended for an additional year. Visas Accepted USC, GC, GC EAD, H1B Role Overview PSDC requires the services of a Senior DevSecOps Engineer to act as consultant with the PSDC Solutions Management group. Hands-on security automation for AWS delivery. Build secure-by-default CDK constructs and CloudFormation templates, wire them into CI/CD, and enforce compliance checks that map to CJIS and NIST. Azure support is a future consideration, not a core day‑one duty. Primary Responsibilities Author and maintain AWS CDK constructs and CloudFormation templates; provide Terraform versions as secondary. Implement AWS Config conformance, Security Hub standards, and GuardDuty routing in reference accounts. Wire scanning in CI/CD for app code, containers, and IaC. Create reusable GitHub/Azure DevOps templates with enforcement gates and exception handling. Generate posture and evidence reports mapped to CJIS and NIST controls. Coach pilot teams to adopt templates. Raise gaps to enterprise teams for org-level enforcement. Required Technical Skills 5+ years AWS security automation and DevOps. Strong with AWS CDK and CloudFormation; working proficiency in Terraform. CI/CD authoring in GitHub Actions and Azure DevOps. Proficient in Python and Bash, with PowerShell for Windows automation. Able to read Java and C# to integrate and tune SAST/SCA. Practical knowledge of CJIS and NIST 800-53 control families and how to automate checks and evidence. Preferred Qualifications EKS/ECS/Lambda hardening patterns. OPA/Conftest, Checkov, Trivy, Inspector, CodeQL or equivalent. Basic Azure security automation for future phases. #J-18808-Ljbffr