Key skills
AWSAzureKubernetesJenkinsGitHub ActionsGitLab CIEKSAKSHelmIAMSAMLSSOSingle Sign-OnKeycloakPrometheusGrafanaDatadogGitHubGitLabIstioService MeshCI/CD
About this role
RAPIDFORT is seeking a skilled DevSecOps Engineer to design, deploy, and maintain secure, cloud-native infrastructure supporting Department of War customers. The role focuses on delivering hardened, compliant software systems at scale while working with container platforms, CI/CD pipelines, and government cloud environments.
Responsibilities:
- Design and maintain Kubernetes-based infrastructure, including cluster provisioning, RBAC configuration, network policy, and workload management
- Package and deploy applications using Helm charts; maintain chart repositories and manage release lifecycle across environments
- Implement and enforce policy controls using Istio service mesh, OPA Gatekeeper, Kyverno, and related Kubernetes admission controllers
- Build and maintain CI/CD pipelines using GitLab CI, GitHub Actions, Jenkins, or equivalent tooling; integrate automated security scanning and compliance gates
- Deploy and operate workloads on AWS GovCloud and Azure Government; architect for high availability, disaster recovery, and cross-region compliance requirements
- Manage and harden container images; integrate with Iron Bank, Platform One, and other DoW-approved registry sources
- Configure and maintain observability stacks including Prometheus, Grafana, and Datadog; develop alerting, dashboards, and SLO frameworks
- Participate in ATO processes, support STIG/CIS compliance scanning, and contribute to System Security Plans (SSPs) and documentation artifacts
- Collaborate with development, security, and program teams to establish and refine DevSecOps practices across the software delivery lifecycle
- Support air-gapped and classified environment deployments; design solutions for offline image transfer, registry mirroring, and artifact management
- Coordinate with government platform teams and managed service providers to integrate and sustain vendor tooling within approved DoD software factories
Requirements:
- 4+ years of hands-on experience with Kubernetes in production environments
- Demonstrated experience deploying and managing applications via Helm in multi-environment configurations
- Working knowledge of Istio, OPA Gatekeeper, Kyverno, or equivalent Kubernetes policy and service mesh tooling
- Experience with at least one major CI/CD platform: GitLab CI, GitHub Actions, Jenkins, or equivalent
- Hands-on experience with AWS and/or Azure cloud platforms, including IAM, networking, storage, and managed Kubernetes services (EKS, AKS)
- Experience with container image workflows: building, scanning, hardening, and distributing images via OCI registries
- Familiarity with monitoring and observability tools including Prometheus, Grafana, and/or Datadog
- Experience with Single Sign-On (SSO) and identity federation; familiarity with Keycloak or equivalent OIDC/SAML providers
- Active DoW security clearance (Secret or higher)
- Experience with Iron Bank, Registry1, Platform One, or Big Bang-based software factory environments
- Familiarity with GitLab Ultimate features including security dashboards and dependency scanning
- Experience supporting Air Force, Space Force, Navy, or other military branch programs
- Exposure to software supply chain security tooling: Sigstore/cosign, vulnerability scanners, SBOM generation, and compliance scanning tools
- Prior work in cATO, continuous authorization, or Ongoing Authorization environments
- CKA, CKS, AWS GovCloud certifications, or equivalent credentials
- Experience with AWS GovCloud and/or Azure Government
- Understanding of DoD compliance frameworks: NIST 800-53, STIGs, RMF, FedRAMP