DevSecOps Engineer (Mid-Level)

TL;DR

DevSecOps Engineer (DevSecOps): Supporting secure infrastructure automation and software delivery for a federal customer with an accent on infrastructure as code, configuration automation, and CI/CD security. Focus on hardening container delivery, integrating security scanning into pipelines, and aligning infrastructure with NIST and CIS security controls.

Location: Remote / Customer Site as Required (Must be based in the US)

Company

hirify.global is a mission-driven organization founded in 2006, dedicated to delivering exceptional technology services to federal government customers.

What you will do

• Develop and maintain infrastructure as code using Terraform and OpenTofu.
• Build and maintain Ansible playbooks with secure secrets handling.
• Implement GitHub Actions CI/CD pipelines with embedded security gates.
• Integrate SAST, IaC scanning, and policy-as-code checks into delivery pipelines.
• Harden Docker images and manage Kubernetes manifests and Helm charts.
• Align security implementations with CIS benchmarks and NIST control families.

Requirements

• Must hold or be eligible for Public Trust Tier 2 clearance.
• Mid-level hands-on experience with Terraform or OpenTofu.
• Experience with Ansible, GitHub Actions, Docker, and Kubernetes.
• Familiarity with security tooling including Semgrep, Checkov, Gitleaks, and OPA.
• Knowledge of CIS benchmarks and NIST SP 800-53/171/207 standards.
• Bachelor’s degree in IT, Computer Science, or equivalent experience.

Nice to have

• Federal government or FedRAMP experience.
• AWS experience and certifications.
• HashiCorp Vault experience.
• Proficiency in Python or Bash scripting.
• CKA or CKAD certifications.

Culture & Benefits

• Commitment to purpose-driven work supporting federal missions.
• Support for remote work arrangements.
• Focus on employee wellness and professional development.
• Investment in modern technology and infrastructure.