Job Title: Senior DevSecOps Engineer
Location: National Capital Region (NRC) or Colorado Springs, CO (Onsite 100%)
Clearance Level: Active TS/SCI with CI Polygraph
Citizenship: U.S. Citizen
About Us:
Rapid Strategy is a premier cybersecurity consulting firm specializing in advanced, comprehensive cybersecurity solutions for federal government agencies. As a minority-owned business, we are committed to protecting national security by providing our clients with cutting-edge security strategies and implementations.
Position Overview:
We are seeking a highly experienced
Senior DevSecOps Engineer to work onsite in Washington, DC or Colorado Springs, CO. The ideal candidate will have a minimum of 6 years of experience in DevSecOps, with extensive knowledge of integrating security into CI/CD pipelines, cloud environments, and containerized applications. The candidate must possess an active TS//SCI clearance with CI polygraph and meet or exceed DoD 8140 IAM Level II or III requirements.
Key Responsibilities:
- DevSecOps Pipeline Integration: Design, implement, and manage secure CI/CD pipelines for federal government systems, embedding automated security checks and controls into the software development lifecycle.
- Infrastructure as Code (IaC): Develop and manage infrastructure using IaC tools (e.g., Terraform, Ansible) to ensure secure and compliant deployment of systems and services across on-premise and cloud environments.
- Security Controls & Compliance: Implement security controls and ensure continuous compliance with federal frameworks, including NIST SP 800-53, RMF, ICD 503, and FedRAMP, in both cloud and containerized environments (IL5-IL6+).
- Log Management & Monitoring: Specify and implement log collection processes using tools like Splunk, and perform querying and analysis of aggregated logs to identify security-relevant anomalies and risks.
- Cloud Security: Implement and manage security within cloud environments such as AWS GovCloud, Azure Government, and containerized systems using Kubernetes, ensuring all security controls are met and maintained.
- Automation & Orchestration: Develop automation scripts and tools to integrate security into all aspects of development, testing, and deployment processes. Ensure security best practices are followed within the DevSecOps lifecycle.
- Incident Response: Lead efforts in securing systems during incidents, including conducting forensic analysis, coordinating responses, and ensuring systems are returned to operational status with appropriate remediations.
- Collaboration: Work closely with federal development, operations, and security teams to foster a security-first culture and ensure security is embedded in every aspect of system development and deployment.
- Documentation and Reporting: Prepare detailed technical documentation for systems, processes, and configurations. Provide clear and concise reports to federal stakeholders on security posture, incidents, and compliance with federal standards.
Qualifications:
- Experience:
- At least 6 years of experience in DevSecOps, including designing, implementing, and managing CI/CD pipelines, cloud environments, and containerized applications.
- Extensive experience with federal government regulatory frameworks (e.g., NIST SP 800-53, RMF, ICD 503, FISMA, FedRAMP).
- Strong background in log collection and analysis using tools like Splunk, identifying security anomalies and responding appropriately.
- Experience in cloud platforms (AWS GovCloud, Azure Government) and containerized environments (Kubernetes, Docker).
- Knowledge of IaC tools such as Terraform, Ansible, and security automation tools.
- Clearance:
- Active TS/SCI clearance with CI polygraph is required.
- U.S. citizenship is mandatory.
- Education & Certifications:
- Bachelor's degree in Computer Science, Information Security, or a related field.
- CISSP or equivalent certification to support DoD 8140 requirements (IAM Level II or III preferred).
- Technical Expertise:
- Proficiency with CI/CD tools (e.g., Jenkins, GitLab, Azure DevOps), IaC tools (e.g., Terraform, Ansible), and security tools (e.g., Fortify, Acunetix, Prisma Cloud).
- Experience with cloud security, container security, and DevSecOps practices within highly classified environments (IL5 to IL6+).
- Strong understanding of network protocols, operating systems, and infrastructure components, particularly as they relate to secure DevSecOps implementations.
- Incident Response:
- Proficient in incident response and forensic analysis techniques, ensuring rapid recovery from security incidents while maintaining system integrity.
- Communication Skills:
- Excellent communication skills, capable of conveying complex security concepts to both technical and non-technical stakeholders.
Work Environment:
- Location: Onsite, 100% at the National Capital Region (NRC), Tampa Bay, FL, or Colorado Springs, CO. No remote work is permitted.
- Clearance Requirement: Active TS//SCI with CI Polygraph is mandatory.
Why Rapid Strategy?
- Be part of a talented and dedicated team contributing to national security through advanced cybersecurity solutions.
- Opportunity to work on mission-critical projects that impact federal government security.
- Competitive salary and comprehensive benefits package.