DevSec Ops Engineer, Mid (Job 1141)

DLH delivers improved health and national security readiness solutions for federal programs through science research and development, systems engineering and integration, and digital transformation. Our experts in public health, performance evaluation, and health operations solve the complex problems faced by civilian and military customers alike by leveraging advanced tools – including digital transformation, artificial intelligence, data analytics, cloud enablement, modeling, and simulation, and more. With over 2,400 employees dedicated to the idea that “Your Mission is Our Passion,” DLH brings a unique combination of government sector experience, proven methodology, and unwavering commitment to innovation to improve the lives of millions.

Overview 

We're seeking a skilled and proactive Mid-Level DevSecOps Engineer to join our dynamic team supporting the Centers for Disease Control and Prevention (CDC). In this critical role, you’ll be instrumental in transforming CDC’s cloud landscape by embedding security and automation throughout the software development lifecycle. You’ll work with diverse teams to streamline processes, enhance security posture, and accelerate the delivery of cloud-native solutions across multi-cloud environments (Azure, AWS, GCP). 

Responsibilities 

The Mid-Level DevSecOps Engineer will provide continuous integration, continuous delivery, and continuous security support within a secure, compliant, and agile environment. Specific duties will include, but not be limited to: 

• CI/CD Pipeline Development & Maintenance: Design, build, and maintain robust CI/CD pipelines for cloud-native applications, leveraging tools like Jenkins, GitLab CI/CD, or GitHub Actions within Azure, AWS, and GCP. 
• Infrastructure as Code (IaC): Develop and manage infrastructure using IaC principles and tools (e.g., Terraform, Ansible, CloudFormation, Azure Resource Manager), ensuring consistent, repeatable, and secure cloud environments. 
• Containerization & Orchestration: Implement and manage containerized workloads using Docker and Kubernetes (including managed services like Azure Red Hat OpenShift (ARO) or EKS/GKE), optimizing for scalability, resilience, and security. 
• Security Automation & Compliance: Integrate automated security testing tools (SAST, DAST, SCA) into CI/CD pipelines. Implement Policy-as-Code (PaC) frameworks to enforce security and compliance guardrails (e.g., NIST RMF, Zero Trust Architecture) across cloud resources. 
• Cloud Operations & Monitoring: Support, maintain, and enhance cloud infrastructure and application deployments. Implement comprehensive monitoring, logging, and alerting solutions using native CSP tools (e.g., Azure Monitor, AWS CloudWatch, GCP Operations Suite) and centralized platforms (e.g., Splunk, Datadog). 
• DevSecOps Culture & Mentorship: Actively contribute to maturing the DevSecOps culture within CDC teams, promoting best practices in automation, collaboration, and security-first development. Provide technical guidance to junior engineers. 
• Vulnerability Management: Implement automated vulnerability scanning and remediation processes for cloud infrastructure, containers, and applications, ensuring timely patching and security posture improvements. 
• Collaboration: Work closely with development, operations, and security teams to identify and resolve bottlenecks, improve workflows, and ensure seamless integration across the end-to-end App Dev pipeline. 

Requirements 

• Bachelor’s Degree in Computer Science, Information Technology, or a related field, or 4+ years of equivalent relevant work experience. 
• 3-5 years of experience in a DevSecOps, DevOps, or SRE role, with a strong focus on CI/CD pipeline implementation and automation. 
• Proven experience with at least one major cloud platform (Azure, AWS, or GCP), with a strong understanding of its services and security best practices. 
• Hands-on experience with Linux, Docker, and Kubernetes. 
• Proficiency with scripting languages such as Python, Bash, or Go. 
• Experience with version control systems like GitHub, GitLab, or Bitbucket. 
• Familiarity with agile methodologies and project management tools (e.g., Jira, ServiceNow, or Smartsheet). 
• Understanding of federal cybersecurity frameworks (e.g., NIST RMF, Zero Trust Architecture) and compliance requirements. 
• Excellent communication, collaboration, and problem-solving skills. 
• Self-starter with the ability to work autonomously and drive initiatives. 

Desired Experience/Qualifications 

• Relevant cloud certifications (e.g., Azure DevOps Engineer Expert, AWS Certified DevOps Engineer - Professional, GCP Professional Cloud DevOps Engineer, Certified Kubernetes Administrator). 
• Experience with security tools such as SonarQube, Red Hat Advanced Cluster Security (ACS), Microsoft Defender for Cloud, or similar. 
• Experience with low-code/no-code platforms and their integration into automated pipelines. 
• Familiarity with data management and governance principles in a cloud context. 
• Experience in public health or other federal government environments.