CACI International IncRemote
Senior DevSecOps Cyber Engineer
United States of America
Full Time
1 week ago
$115,000 - $252,000 USD
No H1B
Key skills
PythonJavaBashAWSKubernetesOktaSAMLIdentity ManagementKeycloakCI/CDZero Trust
About this role
CACI International Inc is a company dedicated to ensuring the safety of the nation. They are seeking a Senior DevSecOps Cyber Engineer to support DOD/AF customers with cloud native solutions and implement Zero Trust objectives. The role involves designing, developing, and supporting cyber systems and networks, as well as managing identity management solutions and ensuring compliance with DoD directives.
Responsibilities:
- Responsible for researching, designing, developing, testing and supporting new systems, applications, and solutions for enterprise-wide cyber systems and networks via the Platform One ecosystem
- Applies computer science and other cyber physical engineering disciplines to the design, development, integration, and support of new solutions or products that identify, exploit, protect against, or mitigate cyber security vulnerabilities within the Platform One ecosystem and the greater Dept of Air Force
- Integrates new architectural features into existing infrastructures, designs cyber security architectural artifacts, provides architectural analysis of cyber security features, relates existing system to future needs and trends, provides engineering recommendations, and resolves integration and testing issues
- Develop and manage Keycloak Identity Management solutions for Platform One
- Maintain and enhance custom Keycloak realms, themes, and identity flows (OIDC, OAuth2, SAML)
- Support ICAM initiatives including the migration from Keycloak to Okta
- Design and deploy identity-focused Kubernetes-native solutions
- Build and maintain CI/CD pipelines, automated test frameworks, and secure production deployments
- Ensure compliance with DoD and DAF directives (e.g., STIGs, RMF, ATO)
- Provide operational support including incident response and tiered ticket troubleshooting
- Support RBAC/ABAC implementation and ICAM Federation compliance requirements
Requirements:
- 7+ years Development & DevSecOps experience w/ Bachelors or additional relevant experience
- US Citizenship & Eligibility to obtain a US Secret Clearance
- 2+ years experience with Keycloak, including realm configuration, protocol integrations (OIDC/SAML), and custom theming
- 3–5 years of Java development experience, ideally from a software engineering background
- 2–5 years experience with scripting and automation using Python, Bash, or similar
- 3–5 years experience designing and deploying Kubernetes-based solutions
- Experience with CI/CD pipelines, containerization, and secure DevSecOps practices
- Strong familiarity with DoD compliance requirements, such as ATO, STIGs, FedRAMP
- Experience with CAC authentication, PIV tokens, and client-side PKI certificate handling
- Experience working in AWS environments (CLI and SDK)
- Familiarity with IDAM or DoD ICAM Federation Framework and DAFMAN17-1304 compliance
- Okta experience is a strong plus (especially Federation Practice Statement development and migration from Keycloak)
- Experience with ATO/accreditation processes
- Familiarity with scanning and compliance tools like RMF, ACAS, twistlock, PrismaCloud
- Proven ability to work across multi-tenant identity services, supporting thousands of users and integrating with microservices
- Current Secret Security Clearance