DevSecOps Engineer

DMI is a leading provider of digital services and technology solutions, headquartered in Tysons Corner, VA. With a focus on end-to-end managed IT services, including managed mobility, cloud, cybersecurity, network operations, and application development, DMI supports public sector agencies and commercial enterprises around the globe. Recognized as a Top Workplace, DMI is committed to delivering secure, efficient, and cost-effective solutions that drive measurable results. Learn more at www.dminc.com

DMI is seeking a mid-level DevSecOps Engineer to augment an existing engineering team supporting a federal agency client's hybrid cloud infrastructure. In this role, you will extend and mature established infrastructure automation, CI/CD pipeline capabilities, container orchestration, and security-hardened delivery practices within an active production environment — building on existing patterns rather than designing from scratch.

• →Maintain, extend, and improve Terraform and OpenTofu codebases for provisioning and managing hybrid cloud infrastructure; manage state files and remote backends within approved change control processes
• →Develop and maintain Ansible playbooks and roles to automate system configuration, compliance enforcement, patch management, and application deployment
• →Build, maintain, and improve GitHub Actions workflows incorporating security gates, including SAST, dependency scanning, secrets detection, and policy-as-code validation
• →Support containerized application delivery using Docker for image builds and Kubernetes for orchestration; manage Dockerfiles, Kubernetes manifests, Helm charts, and RBAC configuration
• →Integrate security practices throughout the software delivery lifecycle, enforcing CIS benchmarks and supporting NIST SP 800-53 and FISMA compliance requirements
• →Participate in stand-ups, sprint planning, and peer code reviews; maintain clear records of all changes to shared codebases and pipelines

Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. US citizenship may be required for some positions.

• Bachelor's degree in Information Technology or a related field preferred
• Formal education requirements may be waived based on 4 years of relevant professional experience
• Hands-on experience with Terraform and/or OpenTofu, including module development, remote state management, and workspace management
• Proficiency with Ansible, including playbook and role development, dynamic inventories, and Ansible Vault for secrets management
• Demonstrated experience designing and maintaining GitHub Actions workflows, including reusable workflows and security gate integration 
• Working knowledge of Docker image authoring and hardening, Kubernetes manifest and Helm chart management, and container security scanning
• Familiarity with SAST tools (Semgrep, Checkov, tfsec), secrets scanning (Gitleaks, Detect-Secrets), and policy-as-code frameworks (OPA/Rego)
• Proficiency with Git-based workflows, including branching strategies, pull request reviews, and protected branch enforcement 

• Experience in a federal or highly regulated environment
• Familiarity with NIST SP 800-53, FISMA, and FedRAMP compliance requirements 
• Cloud platform experience (AWS)
• Experience with secrets management tools such as HashiCorp Vault 
• Scripting proficiency in Python and Bash