DevSecOps Engineer (1455)

Referral Eligible

Summary:

As a DevSecOps Engineer you will incorporate security mechanisms into CI/CD workflows and infrastructure automation to support secure compliant software releases within a regulated mission-driven setting. You will automate vulnerability scanning and compliance checks assist development teams in addressing risks early in the lifecycle help sustain audit/ATO preparedness and contribute to monitoring and incident response efforts. This position requires practical technical execution disciplined documentation practices and the ability to clearly articulate risk to both technical and non-technical audiences.

Job Qualifications:

Qualifications and Skills include:

• Hands-on experience securing or operating CI/CD pipelines and modern deployment workflows.
• Demonstrated ability to automate security/ops tasks using scripting/programming (i.e. Python Bash etc.).
• Working knowledge of secure system design and operational security fundamentals (least privilege secrets handling patching logging/monitoring vulnerability management).
• Experience working in regulated/compliance-driven environments (e.g. audit requirements security controls change management).
• Strong written communication skills with proven ability to document procedures and communicate technical risk clearly.
• Embed and maintain security controls in CI/CD pipelines to support secure repeatable software delivery.
• Software composition analysis (SCA) container/image scanning and infrastructure/configuration security checks.
• Implement and maintain policy-as-code / security gates aligned to program requirements and risk tolerance (e.g. blocking high-severity findings where appropriate exception handling evidence capture).
• Support development teams with shift-left security: triage findings validate risk recommend remediation and verify fixes.
• Maintain and improve Infrastructure-as-Code (IaC) and deployment automation to reduce drift and improve standardization.
• Support baseline configuration management/enforcement and hardened builds (including DISA STIG-aligned configurations where required).
• Enable and improve centralized logging and monitoring to support security operations detection auditing and troubleshooting.
• Ensure solutions meet government and organizational security requirements supporting RMF/ATO activities security documentation and evidence collection.
• Participate in incident response including investigation support containment assistance and root-cause analysis with corrective/preventive actions.
• Create and maintain technical documentation (runbooks control implementation notes pipeline security procedures operational guides and audit evidence).

Preferred Qualifications:

• Ops certifications (e.g. RHCSA or similar).
• Familiarity with government security frameworks such as NIST (e.g. NIST SP 800-53 concepts) and the RMF/ATO lifecycle (implementing controls collecting evidence supporting assessments).
• Experience implementing or validating DISA STIG-aligned configurations and control evidence.
• Experience with centralized baseline configuration management/enforcement (e.g. Ansible Puppet Chef Salt; compliance tooling such as OpenSCAP and/or similar approaches).
• Experience with centralized logging platforms (e.g. Splunk ELK/OpenSearch Loki Sentinel) and building actionable security/ops dashboards.
• Experience with SNMP monitoring (e.g. Zabbix LibreNMS SolarWinds Prometheus SNMP exporter) and alert tuning.
• Container and orchestration experience: Kubernetes and container tooling such as Docker and/or Podman (secure build patterns image provenance/scanning runtime hardening).
• Experience in on-premises and hybrid environments including segmented networks and restricted connectivity patterns.
• Working familiarity with Red Hat Enterprise Linux (RHEL) or RHEL-compatible systems.
• Ability to work within controlled environments and comply with program security policies and handling procedures.
• Programming experience and knowledge of Python and Java.

Education/Experience include:

DoD 8570 IAT Level II certification (e.g. CompTIA Security SSCP or equivalent).

Bachelors degree (or comparable professional experience)

36 years of experience in DevOps DevSecOps Security Engineering Systems Engineering Platform Engineering or related disciplines.

Working Conditions:

Prolonged periods sitting at a desk and working on a computer.

Position Type/Expected Hours of Work:

Full time position

Travel:Less than 5%

Clearance Type:

Requires a current TS/SCI. Employment is contingent on having or obtaining the required active security clearance or successfully passing the required background check as well as other factors including but not limited to drug screens.

AAP/EEO Statement:

Equal Opportunity Employer M/F/Disabled/Veteran

Qualified applicants will receive consideration for employment without regard to race color religion sex national origin sexual orientation gender identity disability or protected veteran status.

Zapata Technology accommodation to applicants who are veterans or who have disabilities and are unable to fully use our company application system. If you need a reasonable accommodation for any part of the application and hiring process pleasenotify Christina Hall EEO Coordinator at