Senior DevSecOps Engineer at Pyramid Technology Solutions, Inc

Client: Rapid Strategy

Job Title: Senior DevSecOps Engineer

Location: National Capital Region (NRC) or Colorado Springs, CO (Onsite 100%)

Clearance Level: Active TS/SCI with CI Polygraph

Citizenship: U.S. Citizen

About Us:

Rapid Strategy is a premier cybersecurity consulting firm specializing in advanced, comprehensive cybersecurity solutions for federal government agencies. As a minority-owned business, we are committed to protecting national security by providing our clients with cutting-edge security strategies and implementations.

Position Overview:

We are seeking a highly experienced Senior DevSecOps Engineer to work onsite in Washington, DC or Colorado Springs, CO. The ideal candidate will have a minimum of 6 years of experience in DevSecOps, with extensive knowledge of integrating security into CI/CD pipelines, cloud environments, and containerized applications. The candidate must possess an active TS//SCI clearance with CI polygraph and meet or exceed DoD 8140 IAM Level II or III requirements.

Key Responsibilities:

• DevSecOps Pipeline Integration: Design, implement, and manage secure CI/CD pipelines for federal government systems, embedding automated security checks and controls into the software development lifecycle.
• Infrastructure as Code (IaC): Develop and manage infrastructure using IaC tools (e.g., Terraform, Ansible) to ensure secure and compliant deployment of systems and services across on-premise and cloud environments.
• Security Controls & Compliance: Implement security controls and ensure continuous compliance with federal frameworks, including NIST SP 800-53, RMF, ICD 503, and FedRAMP, in both cloud and containerized environments (IL5-IL6+).
• Log Management & Monitoring: Specify and implement log collection processes using tools like Splunk, and perform querying and analysis of aggregated logs to identify security-relevant anomalies and risks.
• Cloud Security: Implement and manage security within cloud environments such as AWS GovCloud, Azure Government, and containerized systems using Kubernetes, ensuring all security controls are met and maintained.
• Automation & Orchestration: Develop automation scripts and tools to integrate security into all aspects of development, testing, and deployment processes. Ensure security best practices are followed within the DevSecOps lifecycle.
• Incident Response: Lead efforts in securing systems during incidents, including conducting forensic analysis, coordinating responses, and ensuring systems are returned to operational status with appropriate remediations.
• Collaboration: Work closely with federal development, operations, and security teams to foster a security-first culture and ensure security is embedded in every aspect of system development and deployment.
• Documentation and Reporting: Prepare detailed technical documentation for systems, processes, and configurations. Provide clear and concise reports to federal stakeholders on security posture, incidents, and compliance with federal standards.
  
  

Qualifications:

• Experience:
• At least 6 years of experience in DevSecOps, including designing, implementing, and managing CI/CD pipelines, cloud environments, and containerized applications.
• Extensive experience with federal government regulatory frameworks (e.g., NIST SP 800-53, RMF, ICD 503, FISMA, FedRAMP).
• Strong background in log collection and analysis using tools like Splunk, identifying security anomalies and responding appropriately.
• Experience in cloud platforms (AWS GovCloud, Azure Government) and containerized environments (Kubernetes, Docker).
• Knowledge of IaC tools such as Terraform, Ansible, and security automation tools.
• Clearance:
• Active TS/SCI clearance with CI polygraph is required.
• U.S. citizenship is mandatory.
• Education & Certifications:
• Bachelor's degree in Computer Science, Information Security, or a related field.
• CISSP or equivalent certification to support DoD 8140 requirements (IAM Level II or III preferred).
• Technical Expertise:
• Proficiency with CI/CD tools (e.g., Jenkins, GitLab, Azure DevOps), IaC tools (e.g., Terraform, Ansible), and security tools (e.g., Fortify, Acunetix, Prisma Cloud).
• Experience with cloud security, container security, and DevSecOps practices within highly classified environments (IL5 to IL6+).
• Strong understanding of network protocols, operating systems, and infrastructure components, particularly as they relate to secure DevSecOps implementations.
• Incident Response:
• Proficient in incident response and forensic analysis techniques, ensuring rapid recovery from security incidents while maintaining system integrity.
• Communication Skills:
• Excellent communication skills, capable of conveying complex security concepts to both technical and non-technical stakeholders.

Work Environment:

• Location: Onsite, 100% at the National Capital Region (NRC),Colorado Springs, CO. No remote work is permitted.