Sr. DevSecOps Engineer
UICGS / Bowhead Family of Companies · San Diego, CA · 1 wk ago
Information TechnologyFull-time
Job Summary
Bowhead seeks a Sr. DevSecOps Engineer to support operational systems integration, development, test, evaluation, operation, sustainment, and maintenance for military medical treatment facilities in the Pacific Region. This role involves building a next-generation automated compliance and AI-driven security operations platform supporting DoD, federal health, and enterprise health-care environments.
About the Role
This position will provide deep experience in DISA STIGs, SCAP automation, RMF workflows, container security, SIEM/SOAR integrations, and AI-assisted security operations.
Responsibilities
- SCAP / STIG Automation
- Build automated OpenSCAP pipelines to scan Ubuntu 24.04 LTS and other Linux hosts using DISA STIG benchmarks.
- Integrate XCCDF and OVAL results into OpenRMF using automated ingestion workflows.
- Develop hardened base images (VMs and containers) aligned to DISA STIG requirements.
- Container Security
- Integrate RapidFort scans into CI/CD pipelines.
- Automate ingestion of SCAP JSON into OpenRMF.
- Ensure curated images remain compliant and low-CVE.
- Compliance Operations (RMF/FedRAMP/CMMC)
- Support generation of automated DISA checklists (CKLs) and POA&M updates.
- Work with compliance and engineering teams to resolve findings and track remediation progress via OpenRMF.
- Security Telemetry & SIEM Engineering
- Deploy/tune Wazuh agents across hosts and workloads.
- Configure pipelines from Wazuh → Elastic → Tines.
- Write and maintain Elastic SIEM detection rules.
- SOAR Automation & AI SOC
- Buildout
- Develop Tines workflows to automate: SCAP ingestion, RapidFort event processing, Elastic SIEM alert enrichment, Compliance notifications & ticketing.
- Integrate LLMs to: Summarize alerts, Draft POA&M entries, Generate remediation guidance, Produce daily/weekly SOC and compliance reports.
- Buildout
- Infrastructure & DevSecOps
- Contribute to secure CI/CD pipelines, secrets management, system hardening, logging, and access control aligned with DoD RMF.
Requirements
- Five to ten (10+) years Linux engineering with security hardening focus.
- Hands-on experience with OpenSCAP, DISA STIGs, SCAP benchmarks, and STIG automation.
- Strong knowledge of RMF, FedRAMP, or CMMC.
- CI/CD pipeline experience (GitLab CI, GitHub Actions, Jenkins, etc.).
- Hands-on experience with Elastic Stack and Wazuh.
- Experience deploying or integrating SOAR platforms (Tines preferred; XSOAR or Splunk SOAR acceptable).
- Container security experience (RapidFort, Anchore, Trivy, Aqua, etc.).
Skills
- Familiarity with ATO workflows (IL4/IL5, DoD impact levels).
- AI integration experience using OpenAI, Azure OpenAI, or similar.
- Python or Bash scripting for automation.
Soft Skills
- Ability to lead architecture decisions and mentor others.
- Strong communicator capable of translating compliance needs into technical workflows.
- Able to operate independently in a fast-paced federal/healthcare environment.
- Comfortable producing documentation for audits and ATO packages.
Physical Demands
- Must be able to lift up to 20 pounds.
- Must be able to stand and walk for prolonged amounts of time.
- Must be able to twist, bend and squat periodically.
Security Clearance Requirements
- Must be able to obtain a security clearance at the Public Trust level.
- US Citizenship is a requirement.