MidSr DevSecOps Engineer

Knowledge Management Inc. (KMI) has the leadership and experience to deliver innovative technology logistics and management solutions to meet real mission requirements. KMI is a Minority Business Enterprise (MBE) and Small Disadvantage Business (SDB) that specializes in Logistics Warehouse Services Distance Learning/Training Enterprise Solutions Financial Management Support Program Management Intelligence Analysis & Threat Assessment and Data Analytics/Operations Research. Since 1998 our solutions and services have helped our clients improve performance drive cost and operational effectives and map technology needs for tomorrows requirements.

Title: Mid/Sr. DevSecOps Engineer III

Onsite Locations: Bolling AFB or Reston VA (onsite)

Duration: Multiyear contract

Start date: ASAP

Clearance: TS/SCI with CI Poly

Salary: Please provide your salary requirement

Multiple openings: Midlevel 5 years of experience Sr. level 10 years of experience.

As a Mid/Sr. DevSecOps Engineer youll play a critical role in designing implementing and maintaining secure and efficient software development and deployment pipelines. You will collaborate with crossfunctional teams to integrate security practices seamlessly into the development and operations lifecycle ensuring the delivery of highquality secure and reliable software solutions.

What youll do:

• Collaborate with development operations and security teams to integrate security practices into the software development lifecycle.
• Design implement and maintain CI/CD pipelines that incorporate automated security testing vulnerability scanning and compliance checks.
• Develop and maintain infrastructure as code (IaC) templates and configurations ensuring security best practices are applied to cloud resources and infrastructure components.
• Perform regular security assessments code reviews and penetration testing to identify and address vulnerabilities and weaknesses in applications code and infrastructure.
• Monitor and analyze system and application logs to detect and respond to security incidents.
• Implement and manage identity and access management (IAM) solutions ensuring appropriate authentication and authorization mechanisms are in place.
• Collaborate with software engineers to provide guidance on secure coding practices and assist in remediation of security findings.
• Participate in incident response activities helping to investigate and mitigate security incidents in a timely manner.
• Contribute to the development and maintenance of security policies procedures and documentation.

What youll need to succeed:

• Active TS/SCI Clearance with CI poly.
• At least 5 10 years of experience as a DevSecOps Engineer or similar role with a focus on integrating security into the software development lifecycle.
• Strong experience with DevOps practices CI/CD pipelines and automation tools (e.g. Jenkins GitLab CI/CD Artifactory SonarQube Selenium Fortify Acunetix and Prisma Cloud).
• Strong Experience building DevSecOps solutions at scale across IL5 to IL6 classification domains
• Experience with infrastructure as code (IaC) tools such as Terraform CloudFormation or Ansible.
• Experience with cloud platforms (e.g. AWS Azure GCP) and securing cloudbased applications and services.
• Experience with scripting languages (e.g. Python Bash) for automation and tool integration.
• Knowledge of security best practices common vulnerabilities and exposure to security frameworks (e.g. OWASP NIST).

Equal Employment Opportunity Statement. All qualified applicants will receive consideration for employment without regard to race color religion sex sexual orientation gender identity national origin disability or status as a protected veteran.

EVerify Statement. Knowledge Management Inc. participates in EVerify and will provide the federal government with your Form I9 information to confirm that you are authorized to work in the U.S. If EVerify cannot confirm that you are authorized to work KMI is required to give you written instructions and an opportunity to contact Department of Homeland Security (DHS) or Social Security Administration (SSA) so you can begin to resolve the issue before the employer can take any action against you including terminating your employment. Employers can only use EVerify once you have accepted a job offer and completed the Form I9.

Pay Transparency NonDiscrimination Provision. Knowledge Management Inc. will not discharge or in any other manner discriminate against employees or applicants because they have inquired about discussed or disclosed their own pay or the pay of another employee or applicant. However employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information unless the disclosure is (a) in response to a formal complaint or charge (b) in furtherance of an investigation proceeding hearing or action including an investigation conducted by the employer or (c) consistent with the contractors legal duty to furnish information. 41 CFR 601.35(c)

Disability Statement. If you have a disability and need reasonable accommodation or assistance at any point in the application or onboarding process please email us at .