DevSecOps Engineer
ARCHIVED
We can't find an active application page for this role right now. It may reopen or be listed elsewhere. Use Next Steps to search for an active apply link and similar live jobs.
Computer World Services Corp. (CWS) is seeking a highly motivated and technically skilled DevSecOps Engineer responsible for the analysis, design, implementation, automation, security, testing, deployment, and lifecycle management of enterprise applications and supporting infrastructure within the NIEHS environment.
The DevSecOps Engineer combines business systems analysis expertise with modern software engineering, infrastructure automation, cybersecurity, and platform operations capabilities to support secure, scalable, and highly available enterprise applications. This position serves as a key contributor in integrating development, security, and operations practices throughout the Software Development Lifecycle (SDLC), ensuring compliance with Federal security requirements and supporting enterprise modernization initiatives.
The DevSecOps Engineer works closely with software developers, database administrators, systems engineers, cybersecurity personnel, project managers, and business stakeholders to deliver secure, reliable, and automated application solutions supporting NIEHS mission requirements.
Key Tasks & Responsibilities
Engineering and CI/CD Automation
Design, implement, maintain, and optimize enterprise CI/CD pipelines supporting software development and deployment activities.
Develop automated workflows for code integration, testing, security validation, packaging, release management, and deployment.
Administer and support CI/CD platforms including:
Jenkins
GitLab CI/CD
GitHub Actions
Support source code management platforms and branching strategies.
Implement deployment automation across development, integration, testing, staging, and production environments.
Monitor pipeline performance and continuously improve delivery efficiency and reliability.
Migrate software builds through development, testing, integration, and production environments.
Monitor deployment activities and remediate deployment failures within established service level agreements.
Infrastructure as Code and Automation
Develop and maintain Infrastructure as Code (IaC) solutions using Terraform.
Implement automated configuration management using Ansible.
Develop reusable infrastructure modules, templates, and automation frameworks.
Automate operational, administrative, and deployment processes.
Support environment standardization and infrastructure modernization initiatives.
Implement automated provisioning and configuration management capabilities across enterprise environments.
Container Platform Engineering
Support containerized application deployments using Docker and Kubernetes platforms.
Administer Rancher-managed Kubernetes environments.
Manage container image lifecycle processes and private container registries.
Implement container security best practices and vulnerability remediation procedures.
Support runtime security monitoring and compliance initiatives.
Assist application teams with container adoption, deployment patterns, and troubleshooting.
Application Security and Integration
Integrate security controls and automated testing throughout the Software Development Lifecycle.
Configure and maintain application security tools including:
OpenText Fortify (SAST)
Dynamic Application Security Testing (DAST)
Software Composition Analysis (SCA)
Secrets Management and Scanning Tools
Review vulnerability findings and collaborate with development teams to remediate issues.
Implement automated security gates and quality control processes.
Support secure software development initiatives aligned with Federal security requirements.
Promote DevSecOps best practices across development and operations teams.
Vulnerability Management and Compliance
Support vulnerability management activities using Tenable and related security platforms.
Conduct vulnerability assessments, remediation tracking, and risk analysis.
Develop mitigation strategies when vulnerabilities cannot be remediated within required service levels.
Coordinate mitigation approvals with Information System Security Officers (ISSOs).
Implement approved mitigation plans following established change management procedures.
Maintain compliance with:
FISMA
NIST 800-53
NIST Secure Software Development Framework (SSDF)
NIH and HHS security policies
Zero Trust Architecture principles
Support audit readiness and compliance reporting activities.
Required Technical Skills
CI/CD and Automation
Jenkins
GitLab CI/CD
GitHub Actions
Git-based Source Control
Release Management
Infrastructure Automation
Terraform
Ansible
Infrastructure as Code (IaC)
Configuration Management
Container Technologies
Docker
Kubernetes
Rancher
Security
OpenText Fortify
SAST
DAST
Software Composition Analysis (SCA)
Secrets Management
Tenable Vulnerability Management
Programming and Scripting
Python
JavaScript / TypeScript
Java
C#
PHP
REST APIs
Enterprise Platforms
Windows Server
Red Hat Enterprise Linux (RHEL)
Microsoft SQL Server
Oracle Database
Education & Experience
Education
Bachelor’s degree in Computer Science, Information Systems, Engineering, or related field (or equivalent experience)
Experience
Three (3) to seven (7) years of experience in DevOps, DevSecOps, Systems Engineering, Platform Engineering, Infrastructure Automation, or a related technical discipline.
Experience building or supporting CI/CD pipelines in enterprise environments.
Experience working with Git-based source control systems.
Experience supporting Windows and Linux environments.
Experience developing automation scripts and tools.
Certifications
Security+
Terraform Associate
Certified Kubernetes Application Developer (CKAD)
Certified Kubernetes Administrator (CKA)
GitLab CI/CD Certification
Azure Fundamentals or equivalent cloud certification
Certified DevSecOps Professional
ITIL Foundation
Security Clearance
Applicants must be able to obtain a Public Trust clearance
Computer World Services is an affirmative action and equal employment opportunity employer. Current employees and/or qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, disability, protected veteran status, genetic information or any other characteristic protected by local, state, or federal laws, rules, or regulations.
Computer World Services is committed to the full inclusion of all qualified individuals. As part of this commitment, Computer World Services will ensure that individuals with disabilities (IWD) are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Human Resources at hr@cwsc.com.
#J-18808-Ljbffr