Galapagos Federal Systems LLC is seeking a motivated and highly qualified DevSecOps Engineer to support the integration of development, security, and operations practices within a mission-critical Department of Defense (DoD) system. This role enables the continuous delivery of secure, high-quality software supporting more than 6,500 users across the DoD enterprise. The ideal candidate will help maintain and enhance a system that manages sensitive case-level data, requiring strict adherence to DoD cybersecurity standards and security controls.
Responsibilities:
- Design, implement, and maintain DevSecOps CI/CD pipelines that support secure, automated software delivery
- Automate functional testing and integrate automated test cases into the DevSecOps pipeline prior to deployment authorization
- Ensure system deliverables are architected to fully leverage Continuous Integration and Continuous Delivery (CI/CD) capabilities
- Support quarterly Agile sprint cycles, delivering bug fixes, emergency priority updates, and minor system enhancements
- Apply DoD Application Security and Development (ASD) STIG requirements to software architecture, development, and deployment processes
- Implement secure coding best practices, including adherence to OWASP security principles
- Conduct application security scans using tools such as Fortify and Sonatype, and remediate or mitigate identified vulnerabilities in accordance with Cyber Hardening Policies
- Support the migration and deployment of applications to Cloud Service Providers (CSPs) in compliance with the DoD Cloud Computing Security Requirements Guide (SRG)
- Operate and maintain development, test, and production environments within IL4 or IL5 cloud environments supporting Controlled Unclassified Information (CUI)
- Collaborate with development, operations, and security teams to ensure systems remain secure, compliant, and operationally resilient
Requirements:
- U.S. Citizenship
- CompTIA Security+ CE (DoW 8140/8570 compliant)
- DoW clearance not required. Ability to obtain and maintain a Tier 3 (T3) background investigation for a Noncritical-Sensitive position; Tier 5 (T5) required for a privileged access role
- Prior experience supporting DMDC or DHRA systems
- Experience designing and managing CI/CD pipelines and DevSecOps automation frameworks
- Experience working within AWS GovCloud or other DoD-authorized cloud environments
- Strong technical experience with Oracle databases, SQL, Apache, and Tomcat environments
- Experience with DevSecOps and security tools such as Jenkins, Fortify, Sonatype, and JIRA
- Knowledge of DoD Risk Management Framework (RMF) processes and eMASS
- Experience implementing NIST SP 800-53 security controls and DISA STIG requirements
- Familiarity with Agile/Scrum development methodologies
- Strong understanding of secure coding practices and OWASP security standards
- Experience with MicroStrategy reporting platforms
- Bachelor's degree in Engineering, Computer Science, Information Technology, Systems Engineering, or a related technical discipline
- DoW 8140 cybersecurity workforce certifications