Mid-Level DevSecOps Engineer
ARCHIVED
We can't find an active application page for this role right now. It may reopen or be listed elsewhere. Use Next Steps to search for an active apply link and similar live jobs.
Key Personnel RequirementsThe Consultant shall provide a DevSecOps Engineer who meets the following specific requirements:Required Technical Skills• Infrastructure as Code: Hands-on experience with Terraform and OpenTofu, including module development, remote state management, and workspace management• Configuration as Code: Proficiency with Ansible, including playbook and role development, dynamic inventories, and Ansible Vault for secrets management• CI/CD: Demonstrated experience designing and maintaining GitHub Actions workflows, including reusable workflows, matrix builds, and security gate integration• Containers: Working knowledge of Docker image authoring and hardening, Kubernetes manifest and Helm chart management, and container security scanning tools (e.g., Trivy, Grype, or equivalent)• Security Integration: Familiarity with SAST tools (e.g., Semgrep, Checkov, tfsec), secrets scanning (e.g., Gitleaks, Detect-Secrets), and policy-as-code frameworks (e.g., OPA/Rego)• Version Control: Proficiency with Git-based workflows including branching strategies, pull request reviews, and protected branch enforcementPreferred Skills• Experience in a federal or highly regulated environment• Familiarity with NIST SP 800-53, FISMA, and FedRAMP compliance requirements• Cloud platform experience (AWS)• Experience with secrets management tools (e.g., HashiCorp Vault)• Scripting proficiency in Python and Bash