Cwsc5h ago

New

DevSecOps Engineer

United States·MorrisvilleFull-timemid

CybersecurityDevSecOps Engineer

0 views0 saves0 applied

Apply Now

Quick Summary

Overview

Computer World Services Corp. (CWS) is seeking a highly motivated and technically skilled DevSecOps Engineer responsible for the analysis, design, implementation, automation, security, testing,

Technical Tools

CybersecurityDevSecOps Engineer

Computer World Services Corp. (CWS) is seeking a highly motivated and technically skilled DevSecOps Engineer responsible for the analysis, design, implementation, automation, security, testing, deployment, and lifecycle management of enterprise applications and supporting infrastructure within the NIEHS environment.

The DevSecOps Engineer combines business systems analysis expertise with modern software engineering, infrastructure automation, cybersecurity, and platform operations capabilities to support secure, scalable, and highly available enterprise applications. This position serves as a key contributor in integrating development, security, and operations practices throughout the Software Development Lifecycle (SDLC), ensuring compliance with Federal security requirements and supporting enterprise modernization initiatives.

The DevSecOps Engineer works closely with software developers, database administrators, systems engineers, cybersecurity personnel, project managers, and business stakeholders to deliver secure, reliable, and automated application solutions supporting NIEHS mission requirements.

• Design, implement, maintain, and optimize enterprise CI/CD pipelines supporting software development and deployment activities.

• Develop automated workflows for code integration, testing, security validation, packaging, release management, and deployment.

• Administer and support CI/CD platforms including:

Jenkins
GitLab CI/CD
GitHub Actions

• Support source code management platforms and branching strategies.

• Implement deployment automation across development, integration, testing, staging, and production environments.

• Monitor pipeline performance and continuously improve delivery efficiency and reliability.

• Migrate software builds through development, testing, integration, and production environments.

• Monitor deployment activities and remediate deployment failures within established service level agreements.

• Develop and maintain Infrastructure as Code (IaC) solutions using Terraform.

• Implement automated configuration management using Ansible.

• Develop reusable infrastructure modules, templates, and automation frameworks.

• Automate operational, administrative, and deployment processes.

• Support environment standardization and infrastructure modernization initiatives.

• Implement automated provisioning and configuration management capabilities across enterprise environments.

• Support containerized application deployments using Docker and Kubernetes platforms.

• Administer Rancher-managed Kubernetes environments.

• Manage container image lifecycle processes and private container registries.

• Implement container security best practices and vulnerability remediation procedures.

• Support runtime security monitoring and compliance initiatives.

• Assist application teams with container adoption, deployment patterns, and troubleshooting.

• Integrate security controls and automated testing throughout the Software Development Lifecycle.

• Configure and maintain application security tools including:

OpenText Fortify (SAST)
Dynamic Application Security Testing (DAST)
Software Composition Analysis (SCA)
Secrets Management and Scanning Tools

• Review vulnerability findings and collaborate with development teams to remediate issues.

• Implement automated security gates and quality control processes.

• Support secure software development initiatives aligned with Federal security requirements.

• Promote DevSecOps best practices across development and operations teams.

• Support vulnerability management activities using Tenable and related security platforms.

• Conduct vulnerability assessments, remediation tracking, and risk analysis.

• Develop mitigation strategies when vulnerabilities cannot be remediated within required service levels.

• Coordinate mitigation approvals with Information System Security Officers (ISSOs).

• Implement approved mitigation plans following established change management procedures.

• Maintain compliance with:

FISMA
NIST 800-53
NIST Secure Software Development Framework (SSDF)
NIH and HHS security policies
Zero Trust Architecture principles

• Support audit readiness and compliance reporting activities.

• Jenkins

• GitLab CI/CD

• GitHub Actions

• Git-based Source Control

• Release Management

• Terraform

• Ansible

• Infrastructure as Code (IaC)

• Configuration Management

• Docker

• Kubernetes

• Rancher

• OpenText Fortify

• SAST

• DAST

• Software Composition Analysis (SCA)

• Secrets Management

• Tenable Vulnerability Management

• Python

• JavaScript / TypeScript

• Java

• C#

• PHP

• REST APIs

• Windows Server

• Red Hat Enterprise Linux (RHEL)

• Microsoft SQL Server

• Oracle Database

Bachelor’s degree in Computer Science, Information Systems, Engineering, or related field (or equivalent experience)

Three (3) to seven (7) years of experience in DevOps, DevSecOps, Systems Engineering, Platform Engineering, Infrastructure Automation, or a related technical discipline.
Experience building or supporting CI/CD pipelines in enterprise environments.
Experience working with Git-based source control systems.
Experience supporting Windows and Linux environments.
Experience developing automation scripts and tools.

Below certifications or similar are a plus, but not required:

Security+
Terraform Associate
Certified Kubernetes Application Developer (CKAD)
Certified Kubernetes Administrator (CKA)
GitLab CI/CD Certification
Azure Fundamentals or equivalent cloud certification
Certified DevSecOps Professional
ITIL Foundation

Applicants must be able to obtain a Public Trust clearance

Computer World Services is an affirmative action and equal employment opportunity employer. Current employees and/or qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, disability, protected veteran status, genetic information or any other characteristic protected by local, state, or federal laws, rules, or regulations.

Computer World Services is committed to the full inclusion of all qualified individuals. As part of this commitment, Computer World Services will ensure that individuals with disabilities (IWD) are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Human Resources at hr@cwsc.com.