DevSecOps Engineer

Job TypeFull-timeDescriptionVeterans Encouraged to Apply: Detroit Defense proudly supports those who have served. We welcome applicants with military experience, including those transitioning to civilian careers. Your leadership, adaptability, and mission-focused mindset are valued here. Detroit Defense is a 4x recipient of the Hire Vets Gold Medallion Award.Detroit Defense is seeking a DevSecOps Engineer with primary strength in Application Security for Linux operating environments. The DevSecOps Engineer will analyze C/C++ development environments, system architectures, and safety-critical security risks to define and implement security controls, realized through DevSecOps pipelines, for embedded applications running in Linux environments. This includes integrating source code repositories, build systems, security analysis tools, issue management systems, and developer environments.Essential Duties And ResponsibilitiesAnalyze application architectures, deployment topologies, and trust boundaries to identify threats and define appropriate security controls across the development lifecycleDevelop and apply threat models to identify vulnerabilities and drive the selection of security controls in code, pipelines, and runtime environmentsInteract with software developers to guide secure development, perform code reviews, and provide actionable, risk-based recommendationsDesign, implement, and maintain CI/CD pipelines that enforce and validate security controls (e.g., SAST, SCA, build integrity, artifact security) for C/C++ applications targeting Linux hostsBuild C/C++ applications using standard Linux toolchains (e.g., gcc/g++, make, cmake) and resolve compilation and dependency issuesManage and securely handle pipeline artifacts, dependencies, and environment variables, ensuring sensitive information is not exposed in code or logsRequirementsA bachelor’s degree from an accredited college or university in computer Science, Engineering, or an applicable field of studyMinimum of three years in Application Security or software development roleAbility to obtain and maintain a Common Access Card (CAC) and a US Government Security ClearanceSkilled in Agile, DevOps, and modern delivery practicesStrong Linux expertise, including system internals and security topics such as permissions, process isolation, secure execution (non-root services), file handling, and common vulnerability classesStrong analytical and problem-solving skills with an attacker mindset, able to anticipate and simulate real-world attacks and identify vulnerabilities beyond automated scanningExperience interpreting and applying security frameworks (e.g., STIGs, FIPS 140-x, NIST 800-53) to derive system-specific security controls and implement them within development pipelines and deployed environmentsEvaluate application and system designs to identify security gaps and recommend architectural improvements beyond pipeline-based controlsEvaluate trade-offs between security, performance, and operational constraints in safety-critical or resource-constrained environmentsHave hands-on experience with GitLab CI/CD pipelines, including writing and debugging .gitlab-ci.yml configurationsAre familiar with Coverity, Black Duck, or similar SAST/SCA tools and understand how to interpret and act on scan resultsHave experience building C/C++ applications in Linux environments using gcc, make, or cmakeAre familiar with secure handling of secrets and credentials within CI/CD pipelinesDetroit Defense offers an impressive compensation and benefits package including:Medical, Dental & Vision BenefitsCompany Paid Life and AD&DCompany Paid Short Term and Long-Term DisabilityFlexible Spending & HSA AccountsLegal & ID Shield Services401k with Company MatchPaid holidaysPaid Time Off (PTO)Why Detroit DefenseAt Detroit Defense, we deliver mission-critical solutions that enhance national security, protect the warfighter, and enable readiness through innovation, technical excellence, and end-to-end lifecycle support.Remaining steadfast in our core values of Trustworthy, Mission Driven, Creative, and Agile we are a complex systems integrator for the U.S. Government, Detroit Defense provides solutions to meet the technical and programmatic challenges faced by our customers. Our proven success in multi-domain cross-platform system-of-systems integration results in fielded capability for warfighters. From R&D to production, fielding, and sustainment, Detroit Defense provides services and solutions to Empower Those That protect Us.Detroit Defense is a proud recipient of the Hire Vets Gold Medallion Award since 2022.Detroit Defense is an Equal Opportunity/Affirmative Action employer. All qualified applicants will be considered without regard to race, color, religion, national origin, sex (including gender identity or gender expression), age, mental or physical disability, creed, ancestry, citizenship, veteran status, marital status, sexual orientation, medical condition, genetic trait or any other characteristic protected by federal, state or local law.Salary Description$100,000 to $125,000