Key skills
DevSecOpsInfrastructure as CodeTerraformKubernetesNIST 800-53FedRAMPCloud Development EnvironmentsNetworking FundamentalsSecurity as CodeCI/CDAIVaultIAMSSOAgileSDLCRisk Management
About this role
Agile Defense is dedicated to supporting the nation's vital missions through innovative technology solutions. They are seeking a DevSecOps Engineer to build and sustain a secure, automated software delivery factory, focusing on implementing a modern toolchain tailored for mission-critical environments.
Responsibilities:
- Deploy and configure enterprise-grade software delivery platforms (CI/CD), automated infrastructure tools, and centralized development environments across diverse hosting models (on-prem, private cloud, or air-gapped)
- Implement hardened installations, including SSO/IAM integration, RBAC, and strict segregation of duties
- Manage secrets and encryption using enterprise tools (e.g., HashiCorp Vault, HSM, or KMS) within highly regulated network boundaries
- Utilize low-code or automated platforms to design and generate production-ready Infrastructure as Code (Terraform or OpenTofu)
- Build and maintain standardized pipeline foundations, including "Golden Templates" and policy guardrails that automate security approvals and ensure mission compliance
- Orchestrate secure, scalable developer workspaces (CDEs) to ensure environment consistency for both human developers and AI coding agents
- Translate technical configurations into NIST 800-53/FedRAMP evidence (system diagrams, control mappings, and configuration baselines) to accelerate security assessments
- Provide post-implementation support, including platform patching, upgrade execution, and audit log/telemetry health checks
- Troubleshoot complex toolchain integration issues across the SDLC, from code scanning to deployment verification
Requirements:
- Experience: 3–5 years in DevSecOps, SRE, or Cloud Engineering
- Security Clearance: Must be eligible to obtain and maintain a Secret Clearance
- Hardened Environments: Proven experience working in restricted, air-gapped, or regulated environments (e.g., GovCloud, FedRAMP, or RMF-governed systems)
- Infrastructure as Code: Strong proficiency in Terraform or OpenTofu
- Container Orchestration: Hands-on experience with Kubernetes (networking, storage, and security policies)
- Networking Fundamentals: Deep understanding of TLS, network proxies, and 'evidence-friendly' telemetry for audit logging
- Prior experience with enterprise CI/CD orchestration platforms
- Experience with Cloud Development Environments (CDEs) or remote workspace orchestration
- Experience generating documentation for RMF (Risk Management Framework) or ATO packages