DevSecOps Engineer

Position: DevSecOps EngineerPosition Type: ContractLocation: Hybrid – Onsite in Troy, MI and Remote (Primarily remote)Industry: Aerospace and DefensePay: $50.00 to $70.00 HourlyShift: 1st Shift: Monday – FridayBenefits:Weekly Pay Eligibility to enroll in health benefits on your first day!Referral Bonuses ($100 per referral) – Ask for detailsPosition Summary:We're looking for a DevSecOps Engineer whose primary expertise is Application Security within Linux operating environments. In this role, you'll evaluate C/C++ development environments, system architectures, and safety-critical security risks in order to define and implement security controls—delivered through DevSecOps pipelines—for embedded applications that run on Linux. The work involves integrating source code repositories, build systems, security analysis tools, issue management platforms, and developer environments into a cohesive pipeline.Position Responsibilities:Examine application architectures, deployment topologies, and trust boundaries to surface threats and establish suitable security controls throughout the development lifecycleCreate and apply threat models that expose vulnerabilities and inform the choice of security controls across code, pipelines, and runtime environmentsCollaborate with software developers to advise on secure coding practices, conduct code reviews, and deliver actionable, risk-based recommendationsArchitect, deploy, and maintain CI/CD pipelines that enforce and verify security controls (such as SAST, SCA, build integrity, and artifact security) for C/C++ applications targeting Linux hostsCompile C/C++ applications using standard Linux toolchains (such as gcc/g++, make, and cmake), and troubleshoot compilation and dependency issuesOversee and securely handle pipeline artifacts, dependencies, and environment variables, making sure sensitive information stays out of code and logsPosition Requirements:A bachelor's degree in a relevant field of study from an accredited college or universityCapable of obtaining and maintaining both a Common Access Card (CAC) and a US Government Security ClearanceProficient in Agile, DevOps, and contemporary delivery practicesDeep Linux knowledge, covering system internals and security areas like permissions, process isolation, secure execution (non-root services), file handling, and common vulnerability classesSharp analytical and problem-solving abilities paired with an attacker mindset, with the ability to anticipate and emulate real-world attacks and uncover vulnerabilities that automated scanning missesBackground in interpreting and applying security frameworks (such as STIGs, FIPS 140-x, and NIST 800-53) to derive system-specific security controls and put them into practice within development pipelines and deployed environmentsAssess application and system designs to pinpoint security gaps and propose architectural improvements that go beyond pipeline-based controlsWeigh trade-offs among security, performance, and operational constraints in safety-critical or resource-constrained environmentsHands-on experience working with GitLab CI/CD pipelines, including authoring and debugging .gitlab-ci.yml configurationsFamiliarity with Coverity, Black Duck, or comparable SAST/SCA tools, along with the ability to interpret scan findings and act on themExperience compiling C/C++ applications in Linux environments using gcc, make, or cmakeKnowledgeable about the secure handling of secrets and credentials within CI/CD pipelinesAbout Spark Talent Acquisition:Spark Talent Acquisition is a Michigan-headquartered recruiting and staffing company that connects great talent with great employers. We understand that building the right team is vital to success. Listening to our clients and creating customized workforce strategies is at the core of what we do. We pride ourselves in team development as it matches our purpose as an organization to help people grow.