Lead Software Engineer – DevSecOps & Modernization
Job Overview
LCG is seeking a Lead Software Engineer - DevSecOps & Modernization to provide hands-on technical leadership across application development, enhancements, modernization, and secure DevSecOps delivery supporting ITAC’s custom and COTS application portfolio.
Key Responsibilities
Technical Leadership & Hands-On Engineering Execution
Serve as the technical owner for assigned applications and services across the ITAC portfolio, providing implementation leadership for new development, enhancements, operations support, remediation, and modernization efforts.
Lead sprint-level technical execution within ITAC’s Agile/SAFe delivery model, ensuring engineering delivery meets sprint goals and program increment planning objectives.
Establish and enforce coding standards and architectural patterns (e.g., reusable components, API standards, dependency management, error handling, security-by-design).
Provide hands-on leadership across the implementation lifecycle: design, coding, debugging, refactoring, performance tuning, and build/deploy readiness.
Drive software engineering delivery for:
custom application development and enhancement
COTS configuration/customization and integration
refactoring and modernization of legacy applications and services
Architecture, Solution Design and ITAC EA Governance
Ensure all technical solutions align to ITAC target architecture and enterprise architecture/security guidance; actively support EA approvals and governance expectations.
Author and maintain Solution Architecture Documents (SADs) and supporting artifacts using the ITAC Solution Architecture Template, including updates for major releases.
Participate in design and architecture reviews, coordinating with product owners, security stakeholders, DevOps/EOps, and configuration management teams.
Produce and maintain required technical design artifacts, including:
logical and deployment diagrams (including container/deployment topology where applicable)
interface/integration specifications and dependency mapping
data flow diagrams and security boundary considerations
integration and implementation plans, including rollback/back-out planning
DevSecOps Enablement and CI/CD Pipeline Integration
Ensure compliance with ITAC configuration management and release packaging standards (standard naming conventions, directory structures, versioning expectations, release-ready packaging).
Integrate delivery into ITAC CI/CD patterns and pipelines, including:
CloudBees Jenkins-based CI/CD pipelines
GitHub Actions workflows, where applicable
Ensure DevSecOps best practices are implemented as standard controls, including:
automated builds, packaging, and artifact promotion
test automation embedded in pipelines (unit + regression + integration)
automated code quality and security scanning and gating
Secure Software Development and Vulnerability Remediation
Ensure secure SDLC practices are enforced across engineering work, incorporating security controls into design, implementation, and delivery.
Lead remediation for vulnerabilities and weaknesses discovered through ITAC security scanning and assessments, coordinating remediation plans and timelines with security stakeholders.
Drive modernization away from unsupported/EOL technologies and dependencies, ensuring systems remain within lifecycle support requirements.
Code Quality, Reviews, Mentorship and Technical Debt Reduction
Conduct deep technical code reviews focused on:
correctness, maintainability, performance, and security
architectural consistency and implementation standards
testability and unit test coverage enforcement
Establish quality gates and enforce maintainability standards through tools like SonarQube and pipeline-based controls.
Mentor developers on engineering best practices, enterprise Java patterns, CI/CD automation, secure coding standards, and container-native delivery.
Testing, Verification, Compliance and Delivery Evidence
Support and enforce Section 508 accessibility compliance, including ensuring required testing evidence and reporting support where needed.
Ensure required documentation, test evidence, and release artifacts are produced in alignment with ITAC delivery requirements and ORR readiness.
Ensure testing is embedded across the SDLC, including:
unit testing, integration testing, functional testing, regression testing
performance/load testing as applicable
deployment validation and smoke testing
Production Deployments, Operational Readiness and Post-Deployment Support
Provide post-deployment validation (smoke testing, defect triage, hyper-care) and lead root cause analysis and corrective action for production issues.
Ensure stable releases through repeatable deployments and validation aligned to ITAC release governance.
Support production deployments and operational readiness activities, including:
deployment coordination with ITAC DevOps/EOps/CM teams
implementation planning, rollback/back-out readiness, and ORR stage gate support
Requirements
Experience
8+ years of professional software development experience in enterprise environments
2-3+ years of experience leading teams and/or owning architecture/design decisions and delivery outcomes
Education
Bachelor’s degree in Computer Science, Software Engineering, or related field (preferred)
Technical Skills
Java development experience and enterprise frameworks
Proficiency with GitHub and/or Bitbucket (branching strategies, pull request workflows, and peer review practices)
CI/CD engineering with Jenkins and/or GitHub Actions, including build/test/release automation and artifact promotion
Static analysis and quality gating using SonarQube
Containerization and orchestration using Docker, Kubernetes, and/or OpenShift
Database change management using Liquibase
Unit testing using JUnit with test automation embedded into delivery practices
Strong documentation and design artifact skills (SADs, diagrams, integration plans) aligned to required governance templates and review cycles
Delivery/Process Skills
Proven Agile/SAFe delivery experience supporting sprint execution and PI planning
Experience delivering in regulated environments requiring compliance documentation, security governance, and operational readiness practices
Compensation And Benefits
The projected compensation range for this position is $100,000 to $160,000 per year benchmarked in the Washington, D.C. metropolitan area. Salary at LCG is determined by various factors, including but not limited to role, location, the combination of education/training, knowledge, skills, competencies, certifications, and work experience. LCG offers a competitive, comprehensive benefits package which includes health insurance options (medical, dental, vision), life and disability insurance, retirement plan contributions, as well as paid leave, federal holidays, professional development, and lifestyle benefits.
Securing Your Data
Beware of fraudulent job offers using LCG's name. LCG will never request payment-related details or advancement of money during the application process. Legitimate communication will only come from lcginc.com or system@hirebridgemail.com emails, not free commercial services like Gmail or WhatsApp. If you receive suspicious emails asking for payment or personal information, contact us immediately at hr@lcginc.com. If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.