Senior DevSecOps Engineer

Job Title: Senior DevSecOps Engineer
Location: National Capital Region (NRC), Tampa Bay, FL, or Colorado Springs, CO (Onsite 100%)
Clearance Level: Active TS/SCI with CI Polygraph
Citizenship: U.S. Citizen

About Us:
Rapid Strategy is a premier cybersecurity consulting firm specializing in advanced, comprehensive cybersecurity solutions for federal government agencies. As a minority-owned business, we are committed to protecting national security by providing our clients with cutting-edge security strategies and implementations.

Position Overview:
We are seeking a highly experienced Senior DevSecOps Engineer to work onsite in the National Capital Region (NRC), Tampa Bay, FL, or Colorado Springs, CO. The ideal candidate will have a minimum of 6 years of experience in DevSecOps, with extensive knowledge of integrating security into CI/CD pipelines, cloud environments, and containerized applications. The candidate must possess an active TS/SCI clearance with CI polygraph and meet or exceed DoD 8140 IAM Level II or III requirements.

Key Responsibilities:

1. DevSecOps Pipeline Integration: Design, implement, and manage secure CI/CD pipelines for federal government systems, embedding automated security checks and controls into the software development lifecycle.
2. Infrastructure as Code (IaC): Develop and manage infrastructure using IaC tools (e.g., Terraform, Ansible) to ensure secure and compliant deployment of systems and services across on-premise and cloud environments.
3. Security Controls & Compliance: Implement security controls and ensure continuous compliance with federal frameworks, including NIST SP 800-53, RMF, ICD 503, and FedRAMP, in both cloud and containerized environments (IL5-IL6+).
4. Log Management & Monitoring: Specify and implement log collection processes using tools like Splunk, and perform querying and analysis of aggregated logs to identify security-relevant anomalies and risks.
5. Cloud Security: Implement and manage security within cloud environments such as AWS GovCloud, Azure Government, and containerized systems using Kubernetes, ensuring all security controls are met and maintained.
6. Automation & Orchestration: Develop automation scripts and tools to integrate security into all aspects of development, testing, and deployment processes. Ensure security best practices are followed within the DevSecOps lifecycle.
7. Incident Response: Lead efforts in securing systems during incidents, including conducting forensic analysis, coordinating responses, and ensuring systems are returned to operational status with appropriate remediations.
8. Collaboration: Work closely with federal development, operations, and security teams to foster a security-first culture and ensure security is embedded in every aspect of system development and deployment.
9. Documentation and Reporting: Prepare detailed technical documentation for systems, processes, and configurations. Provide clear and concise reports to federal stakeholders on security posture, incidents, and compliance with federal standards.

Qualifications:

1. Experience:
   • At least 6 years of experience in DevSecOps, including designing, implementing, and managing CI/CD pipelines, cloud environments, and containerized applications.
   • Extensive experience with federal government regulatory frameworks (e.g., NIST SP 800-53, RMF, ICD 503, FISMA, FedRAMP).
   • Strong background in log collection and analysis using tools like Splunk, identifying security anomalies and responding appropriately.
   • Experience in cloud platforms (AWS GovCloud, Azure Government) and containerized environments (Kubernetes, Docker).
   • Knowledge of IaC tools such as Terraform, Ansible, and security automation tools.
2. Clearance:
   • Active TS/SCI clearance with CI polygraph is required.
   • U.S. citizenship is mandatory.
3. Education & Certifications:
   • Bachelor's degree in Computer Science, Information Security, or a related field.
   • CISSP or equivalent certification to support DoD 8140 requirements (IAM Level II or III preferred).
4. Technical Expertise:
   • Proficiency with CI/CD tools (e.g., Jenkins, GitLab, Azure DevOps), IaC tools (e.g., Terraform, Ansible), and security tools (e.g., Fortify, Acunetix, Prisma Cloud).
   • Experience with cloud security, container security, and DevSecOps practices within highly classified environments (IL5 to IL6+).
   • Strong understanding of network protocols, operating systems, and infrastructure components, particularly as they relate to secure DevSecOps implementations.
5. Incident Response:
   • Proficient in incident response and forensic analysis techniques, ensuring rapid recovery from security incidents while maintaining system integrity.
6. Communication Skills:
   • Excellent communication skills, capable of conveying complex security concepts to both technical and non-technical stakeholders.

Work Environment:

• Location: Onsite, 100% at the National Capital Region (NRC), Tampa Bay, FL, or Colorado Springs, CO. No remote work is permitted.
• Clearance Requirement: Active TS/SCI with CI Polygraph is mandatory.

Why Rapid Strategy?

• Be part of a talented and dedicated team contributing to national security through advanced cybersecurity solutions.
• Opportunity to work on mission-critical projects that impact federal government security.
• Competitive salary and comprehensive benefits package.