DevSecOps Engineer

SAIC is seeking a talented and motivated DevSecOps Engineer with expertise in designing, implementing, and optimizing secure, scalable CI/CD pipelines. The ideal candidate will play a critical role in ensuring secure software delivery while collaborating with cross-functional teams to deploy secure and resilient infrastructure, applications, and pipelines.

Responsibilities:

• Deploy and maintain secure CI/CD pipelines that support the full software development lifecycle using tools like GitLab, Terraform Helm, or Ansible
• Deploy and maintain multi-stage CI/CD pipelines (e.g., build, test, scan, release, deploy) for efficient, secure delivery of applications
• Build and manage Kubernetes clusters in development, testing, and production environments
• Ensure security best practices, including Role-Based Access Control (RBAC), namespace isolation, and secure ingress/egress traffic configurations
• Deploy tools and processes to enable rapid provisioning and repeatability while maintaining compliance with cyber and operational standards
• Work within a secure, air-gapped IL6 environment and implement robust processes to ensure compliance with DoD or other regulatory frameworks
• Design solutions to securely handle sensitive data, binaries, and infrastructure in disconnected networks
• Integrate DevSecOps tools such as image scanners, static code analysis tools, Cosign for software signing, and vulnerability management frameworks into the pipeline
• Manage, configure, and maintain Windows Server (Active Directory, Group Policy, DNS, DHCP)
• Implement and ensure the security and availability of Windows and Linux systems, including patch management, vulnerability assessments, and compliance with organizational policies
• Automate recurring tasks using scripting tools like PowerShell, Python, or Bash to improve operational efficiency
• Troubleshoot issues within Windows (file systems, network connectivity, performance, and authentication)
• Plan and execute upgrades, migrations, and installations for both Windows and Linux systems
• Collaborate with cross-functional teams to ensure systems integration and operational effectiveness
• Develop and deliver technical documentation, including CI/CD pipeline configurations, workflow processes, and build instructions

Requirements:

• Must have BS Degree with (6) six years of experience
• Security+ Certification
• Must have an active Secret Clearance
• Proficiency with GitLab CI/CD and Git-based workflows to version control and orchestrate pipelines
• Strong hands-on experience with Kubernetes, container technologies (e.g., Docker), and managing workloads within those platforms
• Comprehensive understanding of CI/CD pipeline stages (e.g., build, test, security scan, deployment) and best practices for automation
• Knowledge and experience working in secure environments, specifically Impact Level 6 (IL6) or similarly controlled environments, with a strong understanding of DoD or equivalent compliance frameworks
• Proficiency in tools for security automation: Image Scanning Tools (e.g., Anchore), Static Code Analysis Tools (e.g., SonarQube), Software Signing Tools (e.g., Cosign) for image and binary integrity verification
• Hands-on experience with container hardening and vulnerability remediation
• Strong scripting and automation skills for automating configuration, build, and deployment processes
• Proficiency with Infrastructure as Code (IaC) tools like Terraform, Helm, or Ansible for provisioning and managing secure environments
• Ability to effectively communicate complex technical concepts to developers, security teams, and stakeholders
• Proven experience collaborating in multidisciplinary teams within Agile or DevSecOps methodologies