Jobs · Engineering · Maryland

DevSecOps Engineer (Secret Clearance)

Deloitte · Baltimore, MD · 2 days ago
HybridEngineering$108k–$188k/yrFull-time

Work You'll Do

As a Senior Consultant, Enterprise Security on the GPS Cyber team, you will be responsible for...

  • Designing and implementing DevSecOps processes that integrate security controls into software development, build, release, and deployment workflows
  • Building and maintaining continuous integration and continuous delivery pipelines with automated security testing, code scanning, dependency scanning, and secrets detection
  • Supporting cloud and platform engineering teams with secure configuration, infrastructure as code, container security, and identity and access management practices
  • Collaborating with application developers, architects, and cyber teams to remediate vulnerabilities, improve secure coding practices, and strengthen release governance
  • Producing technical documentation, implementation artifacts, and status reporting to support delivery, audit readiness, and client stakeholder decision-making

Qualifications

  • Bachelor's degree in computer science, cybersecurity, information technology, engineering, or mathematics
  • Local to the DMV area and able to work onsite up to 5 days a week
  • 4+ years of experience implementing DevSecOps practices across cloud or hybrid environments
  • 4+ years of experience building or administering continuous integration and continuous delivery (CI/CD) pipelines using Jenkins, GitLab CI, GitHub Actions, or Azure DevOps
  • 2+ years of experience integrating application security testing, dependency scanning, secrets scanning, or container security controls into CI/CD pipelines
  • 3+ years of experience with Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP), and infrastructure as code using Terraform, AWS CloudFormation, or Ansible
  • Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future

Preferred

  • Experience supporting federal, state, local, or higher education environments
  • Experience with National Institute of Standards and Technology (NIST) 800-53, NIST Secure Software Development Framework, FedRAMP, or Zero Trust security requirements
  • Experience with Docker, Kubernetes, OpenShift, or container orchestration security practices
  • Experience using SonarQube, Snyk, Prisma Cloud, Aqua, or comparable security tooling
  • Experience developing automation using Python, PowerShell, Bash, or Go
  • One or more certifications such as Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), AWS Certified Security - Specialty, Microsoft Azure Security Engineer Associate, or Certified Kubernetes Security Specialist (CKS)

Similar jobs