Senior DevSecOps Engineer
IntelliTech
- Alexandria, Virginia, United States
- Alexandria, Virginia, United States
About
Remote
Clearance:
Active DoD Secret clearance required
Employment Type:
Full-Time (W-2)
Citizenship:
U.S. Citizenship required
IntelliTech is seeking a
Senior Platform / DevSecOps + Security Engineer
to lead the infrastructure modernization, security hardening, authorization pathway, and production promotion of a Government‑owned digital twin application deployed in an Army cloud environment. The application is a supply chain simulation platform built on
Python, FastAPI, React, and MongoDB
and currently operates as a monolithic Docker deployment. This role will help transition it into a production‑grade, containerized, split‑service architecture aligned to Army cloud platform requirements, DevSecOps delivery practices, and production promotion gates.
This is a hands‑on role on a lean, senior team. The ideal candidate will architect deployment infrastructure, build CI/CD pipelines, harden the application for production, support authorization evidence development, and help lead promotion from development through production. This individual will work directly with Army platform teams, security stakeholders, and identity management teams to ensure the application is secure, scalable, supportable, and ready for operational use.
Key Responsibilities Infrastructure and Deployment Architecture
Transition the application from a single‑host Docker deployment to a split‑service containerized architecture using Amazon EKS, ECS, or another approved orchestration model
Design and implement multi‑tier environment separation across development, test/staging, and production
Package frontend, backend API, and simulation worker services as independently deployable container artifacts
Implement infrastructure‑as‑code using Terraform, CloudFormation, or approved equivalents for repeatable provisioning and configuration management
Design the distributed execution model allowing simulation workers to scale independently from the API tier with bounded concurrency and isolation controls
Configure managed platform services for persistence, caching, object storage, secrets management, and observability
CI/CD and Release Engineering
Build and maintain CI/CD pipelines using approved toolchains such as GitLab CI, GitHub Actions, or government‑provided platform tooling
Integrate automated build, test, container scanning, dependency scanning, SAST, and DAST into the delivery pipeline
Implement promotion workflows with quality and security gates for development‑to‑staging and staging‑to‑production transitions
Generate and maintain software bill of materials (SBOM) and dependency inventories as part of the build process
Design rollback and recovery procedures for failed deployments, including restoration of prior known‑good versions
Security Hardening and Compliance
Harden container images and dependency baselines in alignment with STIG requirements and approved security standards
Implement managed secrets storage, encryption in transit and at rest, least‑privilege IAM policies, and appropriate network segmentation
Integrate vulnerability scanning into release workflows and support remediation tracking
Support closure of security findings through remediation, compensating controls, and evidence updates
Ensure artifact retention and traceability sufficient to support promotion approval and auditability
Identity and Access Management
Integrate the application with CAC‑enabled SSO and the identity provider required by the target environment using SAML, OIDC, or platform‑specific approaches
Replace local account models with externalized authentication through approved identity services
Implement role‑based access controls for analyst, administrator, and system functions
Ensure user actions are traceable to authenticated identities
Authorization and Production Promotion
Support the application‑specific authorization effort from evidence planning through submission and remediation
Produce and maintain authorization artifacts such as architecture diagrams, data flows, SBOMs, scan evidence, logging and monitoring descriptions, and operational runbooks
Align evidence to the platform’s inheritance model where applicable rather than building a fully standalone compliance package
Coordinate with government security stakeholders on evidence expectations, findings, and remediation
Lead technical execution for promotion from development into production through approved DevSecOps pipelines and release gates
Operations and Sustainment
Implement centralized logging, metrics, alarms, and service health monitoring across all application components
Develop operational runbooks for deployment, monitoring, incident response, scaling, and maintenance
Produce administrator and operator documentation, troubleshooting guides, and sustainment handoff materials
Support training and transition activities at the conclusion of the implementation period
Required Qualifications
Bachelor’s degree in Computer Science, Information Systems, Engineering, Cybersecurity, or a related technical discipline and 8+ years of relevant experience; or Master’s degree in a related field and 6+ years of relevant experience
Active DoD Secret clearance
8+ years of professional experience in DevOps, platform engineering, infrastructure engineering, or cloud engineering roles
Hands‑on experience supporting ATO or cATO‑related processes, including authorization evidence development, security findings remediation, and working with assessors or platform security stakeholders
Experience deploying and operating applications in DoD or other accredited government cloud environments such as Army ECMA
Strong experience with container orchestration using Amazon EKS, ECS, Kubernetes, or similar platforms
Strong experience with infrastructure as code, including Terraform, CloudFormation, Helm, or similar tooling
Experience designing and maintaining CI/CD pipelines with integrated automated testing, scanning, and promotion controls
Experience with security hardening, including STIG‑aligned practices, vulnerability remediation, SBOM generation, and secure container/image management
Experience with AWS services such as EC2, EKS/ECS, S3, IAM, KMS, Secrets Manager, SSM, CloudWatch, VPC/networking, Redis/ElastiCache, and document or relational persistence services
Experience integrating identity and access management solutions such as SSO, SAML, OIDC, RBAC, or CAC‑enabled access patterns
Strong communication skills and the ability to work directly with technical, operational, and security stakeholders
Preferred Qualifications
Direct experience supporting Army cloud environments or similar government‑managed enterprise cloud platforms
Experience with RMF, eMASS, and inherited authorization models
Experience operating in IL4 / IL5 or similarly regulated environments
Experience with container security and vulnerability scanning tools such as Prisma Cloud, Anchore, Twistlock, or similar platforms
Familiarity with Docker Compose to Kubernetes migration patterns
Experience with MongoDB to DocumentDB migration or similar managed database transition efforts
Experience supporting Python / FastAPI application deployment and performance tuning
Prior experience supporting Army, logistics, manufacturing, industrial base, or enterprise platform modernization programs
Certifications such as Security+, CISSP, or relevant cloud / Kubernetes certifications
Tech Stack
Orchestration: Amazon EKS or ECS, Kubernetes, Helm
IaC: Terraform, CloudFormation
CI/CD: GitLab CI, GitHub Actions, or government‑approved tooling
Cloud: AWS services including EC2, EKS/ECS, S3, IAM, KMS, Secrets Manager, SSM, CloudWatch, Redis/ElastiCache, and managed persistence services
Containers: Docker, multi‑stage builds, hardened base images
Security: STIG‑aligned hardening, vulnerability scanning, SBOM generation, DAST / SAST
Identity: CAC / SSO, SAML, OIDC, RBAC
Monitoring: CloudWatch, Prometheus / Grafana where approved, centralized logging
Authorization: RMF, eMASS, inherited authorization packages, ATO / cATO evidence support
Application: Python 3.11+, FastAPI, React, MongoDB / DocumentDB
Interview Process Video interview required and may include a technical assessment.
Candidates should be prepared to discuss:
their experience designing and operating secure cloud infrastructure and CI/CD pipelines
how they have supported authorization, compliance, or security evidence efforts
examples of applications they have containerized, hardened, and promoted to production
their experience with AWS, Kubernetes, IaC, scanning, and release automation
how they have handled identity integration, observability, and secure operations in regulated environments
Compensation And Benefits IntelliTech is committed to fair and equitable compensation practices. Actual compensation packages are based on several factors unique to each candidate, including but not limited to job‑related skills, depth of experience, relevant certifications and training, and specific work location. Based on these factors, IntelliTech utilizes the full width of the salary range.
IntelliTech provides a comprehensive benefits package designed to support employees’ well‑being and professional growth, including health, dental, and vision insurance, a 401(k), paid time off, professional development opportunities, and flexible work arrangements to support work‑life balance.
About IntelliTech IntelliTech is a dynamic and forward‑thinking small business specializing in Full Stack Engineering, Data Analytics, Cloud Solutions, and DevSecOps services. Our mission is to empower government and commercial clients to solve complex technical challenges through practical, innovative, and mission‑focused engineering solutions.
Equal Opportunity Employer IntelliTech is an Equal Opportunity Employer and does not discriminate on the basis of race, religion, gender, age, disability, or veteran status. We encourage all qualified candidates to apply.
#J-18808-Ljbffr
Languages
- English
Notice for Users
This job comes from a TieTalent partner platform. Click "Apply Now" to submit your application directly on their site.