Build and operate a secure CI/CD pipeline and develop automated evidence collectors to shift federal cATO programs to real-time monitoring. Engineer identity, secrets workflows, and API integrations to map technical data to NIST security controls.
DevSecOps & Evidence-Automation Engineer
Position Overview
We are looking for a highly talented, technical, hands-on DevSecOps & Evidence-Automation Engineer to help accelerate our growing Professional Services business within the Government Sector. This is a 100% remote position. You will build the CI/CD security pipeline and the automated evidence collectors that shift a federal continuous Authorization to Operate (cATO) program from periodic, manual evidence collection to near-real-time, machine-generated control evidence.
Duties & Responsibilities
- CI/CD Security Pipeline: Build and operate a pipeline (SAST, DAST, SCA, container scanning, SBOM, secrets) integrated across source, build, test, release, deploy, and runtime.
- Evidence Automation: Write evidence collectors (Python/boto3, serverless functions, Go) that pull cloud, scanner, and SIEM data and map it to security controls (NIST SP 800-53).
- Source-Control Governance: Establish review gates and attestation formats.
- Integration: Build and maintain API/connector integrations and event-driven data flows feeding the evidence and GRC layer.
- Identity & Secrets: Engineer identity, PKI, and secrets workflows (HashiCorp Vault, AWS Secrets Manager) supporting control evidence.
Qualifications
- High level of attention to detail, needs minimal guidance, effective verbal and written communication.
- 7+ years building cloud-native, event-driven services and automation on AWS (serverless, Terraform/IaC, Docker).
- Strong in Go and/or Java (Spring Boot); Apache Kafka or equivalent event streaming.
- CI/CD pipeline engineering (Jenkins/GitHub Actions) and infrastructure-as-code.
- PKI/X.509 and secrets-management engineering (HashiCorp Vault, AWS Secrets Manager).
- Ability to map technical evidence to security controls (NIST SP 800-53).
- SBOM generation and container signing a plus.
Education
- Bachelor of Science (or higher) in computer engineering, computer science, information technology, cyber security, or a related field.
- Another major will be considered, provided it clearly addresses at least one of the following: cyber security engineering, systems administration, information systems security, software development security, systems engineering, information systems, or information technology.
Clearance Level
- No Clerance required, but an active Secret Clearance is preferred.
Work Location
- Primary location(s) are Arlington and Alexandria VA. Remote work is authorized, but the employee may have to report to one of the primary sites occasionally or as requested by management or the client.
Hours of Operation
SALARY RANGE
- Ability to pass a minimum background investigation.