Senior DevSecOps Engineer

Overview Element 84 is a woman-owned small business that works with public, private, and non-profit sector clients to develop geospatial data processing pipelines and build software that helps answer big questions about our health, our infrastructure, and our changing planet. We solve challenging problems across a wide range of industries, with a focus on cloud-based geospatial data processing, remote sensing, and Earth science systems. Our headquarters is located in Alexandria, VA and we have a satellite office in Philadelphia, PA. Element 84 also supports a large remote workforce from a variety of other states. About You You are curious about the world, are constantly learning, driven to lead (formally or informally), and have a strong work ethic. You’re interested in solving impactful problems in science, medicine, and other projects that have a societal good. You can work independently or with a team, prioritize your projects, and be effective without micromanagement. You care about writing. Our team is remote and written communication is essential. In addition to caring about a well-crafted email and a succinct conference abstract, you understand that good writing is good design and engineering. Job Summary We are seeking a highly skilled and experienced Senior DevSecOps Engineer to join our team. In this role, you will be a key contributor to securing our client’s cloud infrastructure and applications across AWS, Azure, and Google Cloud Platform (GCP). You will be responsible for ensuring compliance with federal security standards and integrating security best practices into our development and operations processes. This is a senior-level position that requires in-depth technical knowledge and the ability to work independently under the general direction of our client’s Cybersecurity Organization. Key Responsibilities Cloud Security Engineering: Design, implement, and maintain secure cloud solutions across AWS, Azure, and GCP to meet mission and compliance requirements. Security Documentation: Assist in developing and maintaining essential security artifacts, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms). Architectural Analysis: Analyze complex cloud and system architectures to identify security risks and recommend effective mitigation strategies. Control Implementation: Apply and document security controls based on NIST 800-53 and NIST 800-171 standards. DevSecOps Integration: Collaborate with all functional areas of the team to embed security into CI/CD pipelines and automate security checks. Vulnerability & Incident Support: Assist in cloud-based incident response and lead vulnerability remediation efforts. Cloud Security Best Practices: Provide expert guidance on cloud security best practices, including encryption, access controls, identity management, and data protection. Security Tooling & Evaluation: Evaluate, recommend, and implement cloud-native and third-party security tools. Risk & Change Management: Participate in design reviews, risk assessments, and change control processes to ensure the security of new systems and changes. Continuous Monitoring: Lead annual security assessments and ongoing monitoring activities to maintain a strong security posture. Stakeholder Guidance: Advise Information System Owners (ISOs) on system security and compliance matters. Tenant Oversight: Oversee security posture for cloud infrastructure and monitor tenant security control implementation. Interconnection Security Agreements (ISAs): Support the development and maintenance of ISAs between tenants and Cloud Computing Services. Qualifications Education: Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field. Industry Certification: AWS Associate-level certification is required. If not currently held, the candidate must successfully obtain this certification within 6 months of their start date. Experience: A minimum of 8 years of experience in information security, with significant experience in a cloud environment. Technical Knowledge: Deep understanding of cybersecurity principles, intrusion detection, vulnerability assessment, and network architecture. Autonomy: Proven ability to work independently and provide guidance to junior team members. Communication: Excellent communication and advisory skills to consult with and advise other teams on security procedures and policies. Note : This position requires that applicants be authorized to work in the United States without sponsorship now or at any time in the future, and be able to pass a general background check. Benefits & Additional Information Pay range for this position is between $150,000-$180,000. Actual compensation offered to candidate will be finalized at offer and may be above or below the posted range due to skill level, experience, industry-specific knowledge, education/certifications, or geographic location. Base salary represents just one component of the Element 84 total compensation package. Employees will also receive a number of benefits as listed below. Other compensation for this position may include bonus eligibility (dependent on employee performance and company profits). This is a full time, salaried position. Remote candidates are encouraged, but only in states/localities where E84 is already set up for business. Applications will only be considered if candidate is located in one of the following states: AZ, CA, CO, DC, FL, IL (excluding Chicago), IN, KS, MD, MI, MN, MT, NH, NJ, OH, OR, PA, RI, SD, TX, UT, VA, or VT. Competitive medical, dental and vision benefits Life Insurance, Short & Long Term disability insurance Voluntary Accident, Critical Illness & Hospital Insurance 401(k) and Roth 401(k) retirement plans with a fixed 3% of salary employer contributions Health savings account with a company contribution Flexible spending accounts (medical, dependent care and transportation) Company-paid parental leave after one year of employment Flexible work schedules Paid employee assistance program 9 paid holidays 4 weeks + 1 day Paid Time Off per calendar year (prorated first year) Cell phone stipend Element 84 is an equal opportunity employer. #J-18808-Ljbffr