DevSecOps Engineer

DevSecOps Engineer(REMOTE)

ROLE 

We need an experienced DevSecOps Engineer at the U.S. Securities and Exchange Commission (SEC). The SEC's Division of Corporation Finance reviews public company filings to ensure investors are provided with the material information they need to make informed investment decisions. The Disclosure Review Program (DRP) System — also known as SWAT (System of Workflow and Activity Tracking) is the cloud-based platform that enables this review work, integrating with EDGAR and other SEC systems to support the review of transactional and annual filings. In this role, you will build and secure cloud infrastructure, automate CI/CD pipelines, integrate security tooling across the development lifecycle, and act as a go-to resource for secure coding practices across the development team. This is a full-time, remote opportunity. We can offer a competitive salary and a comprehensive benefits package. 

RESPONSIBILITIES 

• Responsible for building and configuring the system AWS cloud environments using Infrastructure as Code (IaC) best practices and integrating with security tools such as Veracode, Burp Suite to create CI/CD pipelines for deploying security compliant code. 

• Deploy source code using automated pipelines built on GitHub Actions, incorporating SEC-approved IaC methodologies and adhering to Immutable Architecture principles for all deployments.  

• Conduct static code analysis, dependency analysis, and container scanning using SEC-approved tooling 

• Apply security patches, maintain certificates, and address vulnerabilities on a continuous basis, supporting POA&M remediation and responding to findings from security testing. 

• Coach developers on secure coding practices, help IT teams safeguard cloud resources, and act as a go-to resource for all things security.  

• Configure continuous cloud security monitoring and logging to ensure adherence to compliance standards. 

REQUIRED SKILLS/EXPERIENCE 

• Pipeline Automation (CI/CD): Experience building, managing, and securing continuous integration and deployment pipelines using tools like GitHub Actions, GitHub CI. Work with development teams to streamline workflow and support rapid build and deployment of code while maintaining version integrity. 

• Security Tooling Integration: Hands-on experience automating security checks (SAST, DAST, SCA, and container/IaC scanning) directly into the developer workflow.  

• Infrastructure as Code (IaC) & Containers: Proficiency with container management (Docker) and IaC tools (Terraform, Ansible) to enforce secure-by-default configurations.  

• Cloud & Network Configuration and Security: Expertise in configuring and securing cloud-native AWS environments, including identity and access management (IAM) and least-privilege enforcement.  

• Scripting & Programming: Fluency in automation scripting and programming languages such as Python, Java and Java frameworks.  

DESIRED SKILLS/EXPERIENCE 

• AI Experience: Some exposure to AI technologies including GitHub Copilot. 

REQUIRED EDUCATION / CERTIFICATIONS 

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field  

LOCATION 

• Remote (Within eastern time zone) 

CLEARANCE 

• U.S. citizenship is required. Dual citizenship is not permitted on this contract.  

• Ability to obtain SEC public trust  

CLIENT 

• Securities and Exchange Commission (SEC), Disclosure Review Program (DRP) 

WORK HOURS 

• 40 hours per week 

• 8 hours per day 

EMPLOYMENT CLASSIFICATION 

• Employment Classification Eligibility — W2   

RELOCATION 

• Not eligible for relocation benefits 

COMPENSATION 

• Salary range: $120,000 – $140,000 

• Benefits: Benefits package includes options for health, dental, and vision insurance coverage; 401k contribution options 

West 4th Strategy is an Equal Opportunity (EEO) employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, gender, sexual orientation, ancestry, national origin, age, marital status, mental disability, physical disability, medical condition, pregnancy, political affiliation, military or veteran status, or any other basis prohibited by federal or state law.  

Other Considerations: applicants will be subject to a background investigation. Individual’s primary workstation is located in an office area. The noise level in this environment is low to moderate. Regularly required to sit for extended periods up to 80% of the time; frequently required to move about to access file cabinets and use office equipment such as PC, copier, fax, telephone, cell phone, etc. Occasionally required to reach overhead, bend, and lift objects of up to 10 lbs. Specific vision abilities required by this job include the use of computer monitor screens up to 80% of the time.