DevSecOps Engineer (Cybersecurity)

TL;DR

DevSecOps Engineer (Cybersecurity): Embedding security into the software development and infrastructure delivery lifecycle with an accent on CI/CD pipeline security and automated compliance. Focus on designing secure pipelines, hardening container environments, and implementing policy-as-code to reduce risk in classified and unclassified environments.

Location: Onsite in Hawthorne, California, United States

Salary: $110,000 - $160,000

Company

hirify.global is a defense technology company redefining modern defense with a multi-product portfolio powered by Coherent Distributed Networks (CDN™).

What you will do

• Design and maintain secure CI/CD pipelines integrating automated SAST, DAST, and SCA scanning via GitHub Actions, GitLab CI, or Jenkins.
• Automate security and compliance controls, including STIG/SRG validation and policy-as-code enforcement using OPA and Conftest.
• Manage container security posture, including image hardening, Kubernetes RBAC, Pod Security Admission, and network policies.
• Develop and maintain infrastructure-as-code using Terraform, CloudFormation, and Ansible with integrated least-privilege controls.
• Support RMF/ATO activities by automating evidence collection and maintaining continuous monitoring artifacts for cloud and on-premise systems.
• Collaborate with software engineers to remediate vulnerabilities and champion secure coding practices and threat modeling.

Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, or a related technical field.
• 4–7 years of experience in DevOps or cybersecurity with hands-on experience integrating security tooling into pipelines.
• Proficiency in Python, Bash, or Go for automation and infrastructure-as-code.
• Hands-on experience with Docker and Kubernetes security hardening in production environments.
• Working knowledge of AWS GovCloud or Azure Government security services.
• Active Secret clearance required at time of hire.

Nice to have

• Active TS/SCI clearance.
• Experience supporting NIST RMF ATO processes and CMMC Level 2/3 practices.
• Knowledge of software supply chain security, including SBOM generation and artifact signing (Sigstore/Cosign).
• Experience with GitOps workflows and policy-as-code frameworks like Kyverno or Gatekeeper.
• Experience operating in air-gapped environments with disconnected CI/CD toolchains.

Culture & Benefits

• 100% company-paid medical, dental, and vision insurance.
• 401k with 50% company match up to 6% of pay, plus FSA and HSA.
• Unlimited PTO and 'No meeting Fridays'.
• Free daily lunch and casual dress code.
• Competitive base salaries and generous pre-IPO stock option grants.
• Relocation assistance provided.