Leidos is advancing mission-critical platforms that simulate and interact with complex technical and business environments. The DevSecOps Engineer is responsible for building and maintaining delivery infrastructure, automating security compliance, and developing CI/CD pipelines while ensuring a security-first approach to application development.
Responsibilities:
- Design, implement, and maintain automated CI/CD pipelines that carry code from development through security scanning, compliance validation, and deployment into Navy and DoD environments
- Build and maintain hardened Kubernetes environments aligned to DISA STIG requirements across cloud and restricted network deployment contexts
- Automate security artifact generation including SBOM production, CVE scanning, and continuous compliance validation
- Drive adoption of Infrastructure as Code, GitOps practices, and controls-as-code across the team
- Leverage AI tooling to accelerate pipeline development, vulnerability triage, compliance remediation, and operational documentation
- Partner closely with software engineers, systems engineers, and ISSEs to embed security and compliance requirements from the start of development
- Maintain and evolve deployment infrastructure across multiple secure environments, including cloud and air-gapped or intermittently connected contexts
- Support ATO processes through automated evidence generation, documentation as code, and direct collaboration with the security team
- Establish and promote standards for pipeline design, container security, secrets management, and deployment consistency
- Contribute to feature development when team capacity requires, applying security-first development practices to application code
- Maintain operational documentation including runbooks, deployment guides, and architecture diagrams as version-controlled artifacts
Requirements:
- Must have and maintain a Secret security clearance
- BS degree and 4+ years of professional DevSecOps or DevOps engineering experience, 8+ years of total relevant experience
- Hands-on experience designing and maintaining CI/CD pipelines using GitLab CI; experience with additional pipeline tools a plus
- Experience with Kubernetes administration and hardening in DoD or compliance-driven environments — RKE2 or K3s experience strongly preferred
- Experience implementing DISA STIG compliance in containerized and Linux environments (RHEL or Rocky Linux)
- Proficiency with Infrastructure as Code tooling, particularly Terraform
- Experience with Helm chart authoring and Kubernetes deployment management
- Experience with automated security scanning, SBOM generation, and CVE triage and remediation
- Scripting proficiency in Python or Bash for pipeline and operational automation
- Demonstrated use of AI tooling to accelerate engineering workflows
- Background contributing to application feature development alongside infrastructure work
- Ability to operate independently and manage workload across competing priorities in a small, fast-moving team
- Experience operating in air-gapped or disconnected network environments
- Experience supporting ATO through automation, documentation, and technical leadership
- Active Security+ certification or equivalent IAT Level II certification
- Experience with secrets management tooling such as Vault, Sealed Secrets, or SOPS
- Familiarity with observability and monitoring tools such as Prometheus or Grafana
- Certified Kubernetes Administrator (CKA) or willingness to obtain upon onboarding
- Experience applying “as code” approaches beyond infrastructure (e.g., configuration-as-code, policy-as-code, workflows-as-code, documentation-as-code)