DevSecOps Engineer
$165k - $195kRumble
DevSecOps Engineer
Rumble Cloud is seeking a DevSecOps Engineer to embed security throughout the software development lifecycle for our cloud platform and customer-facing services. This is a hands-on engineering role that owns our Secure Software Development Lifecycle (SSDLC) end to end: you'll design it, operate it, partner with engineering teams to remediate vulnerabilities, and continuously harden the CI/CD pipelines that ship Rumble Cloud to production.
Our platform is built on OpenStack and Ceph, and this role sits at the intersection of application security, platform engineering, and developer enablement. You should be comfortable reviewing pipeline configurations, triaging SAST, DAST, SCA, and container scanning findings with developers, and driving practical security improvements across Python, Go, and TypeScript codebases without becoming a bottleneck to delivery.
You'll work closely with application, platform, and infrastructure teams, with architectural guidance from our Software Architect, to make security a core part of how we build and ship software. That includes defining secure coding standards, integrating automated security tooling into CI/CD, improving software supply chain integrity, supporting audit readiness, and helping engineers make sound, scalable security decisions in a fast-moving cloud environment.
Responsibilities
- Own the SSDLC end to end, including secure coding standards, threat modeling, security gates, policy-as-code, and documentation suitable for audits, in partnership with the Software Architect in an advisory capacity.
- Drive vulnerability identification, triage, and remediation across Python, Go, and TypeScript/React codebases, partnering directly with engineers to prioritize and fix issues effectively.
- Design, harden, and optimize CI/CD pipelines using tools such as GitHub Actions, GitLab CI, Jenkins, or similar systems, ensuring security controls are integrated cleanly into developer workflows.
- Integrate and operate security tooling across the software delivery lifecycle, including SAST, DAST, SCA, secret scanning, container scanning, and dependency analysis.
- Implement secure software supply chain practices such as signed artifacts, SBOM generation, provenance controls, and related guardrails for build and release processes.
- Manage secrets, credentials, and signing keys used by build and deployment pipelines, applying least-privilege access, rotation, and secure storage practices.
- Partner with engineering teams to review code, assess risk, and recommend practical remediation approaches that improve security without unnecessarily slowing delivery.
- Support security incident response and post-incident follow-up for application and platform issues, helping identify root causes and drive durable fixes.
- Contribute to audit readiness and evidence collection for frameworks such as ISO 27001, SOC 2, PCI DSS, or FedRAMP, especially where CI/CD controls and engineering practices are in scope.
- Mentor engineers on secure development practices and help establish a culture where security is built into design, implementation, and release processes from the start.
Qualifications
- Experience in a DevSecOps, application security, or product security role, including designing and operating a Secure Software Development Lifecycle (SSDLC).
- Hands-on experience with CI/CD systems such as GitHub Actions, GitLab CI, Jenkins, or similar, including pipeline design, optimization, and hardening.
- Strong knowledge of application security tooling including SAST, DAST, SCA, and container scanning, along with a practical understanding of the OWASP Top 10.
- Ability to read and review code in at least one of Python, Go, or TypeScript and to work directly with developers on remediation.
- Experience with Docker and Kubernetes, secrets management systems such as Vault, and authentication patterns such as OAuth2 and OpenID Connect.
- Strong communication and collaboration skills, with the ability to influence engineering teams and drive secure practices without direct authority.
Preferred Qualifications
- Security certifications such as CSSLP, OSCP, GWAPT, CISSP, or equivalent.
- Experience with software supply chain security practices and tooling, including SLSA, Sigstore/cosign, and SBOM generation or validation.
- Familiarity with OpenStack, Ceph, or other large-scale open-source infrastructure platforms.
- Experience supporting audits or compliance initiatives such as ISO 27001, SOC 2, PCI DSS, or FedRAMP, including evidence collection tied to CI/CD and engineering controls.
- Experience with threat modeling methodologies such as STRIDE or PASTA, and with IaC security scanning across Terraform, Ansible, and Kubernetes manifests.
- Familiarity with multi-tenant SaaS or public cloud environments, and experience operating Rocky Linux or Ubuntu in production.
Annual Compensation Range:
$165,000 - $195,000 USD base + benefits + equity (If based in the United States)
$122,000 - $158,000 CAD base + benefits + equity (If based in Canada)
Note: The salary range listed for this position is a good faith estimate based on experience, qualifications, and internal compensation structure. The actual salary offered varies depending on the candidate's skill level and experience. This posting refers to an active vacancy within the organization.
Why Our Team Loves Working Here:
- We are making a significant financial impact for our video creator community; we're proud of their success stories
- We enjoy challenging the status quo and going head-to-head against Big Tech
- We aren't afraid to try new things; we act fast and want to win
- We pay competitive salaries and provide great benefits
EEO Statement: Rumble is an equal opportunity employer. We promote an equal playing field where everyone has the same opportunities regardless of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability status, or any other applicable characteristics protected by law. Rumble is an active participant in the e-verify program.
Physical demands of the position: While performing the duties of this job, the employee is regularly required to sit for prolonged periods of time while using a computer and/or keyboard. The employee is required to communicate verbally and hear. The employee is required to walk, reach with hands and arms, balance, and stoop or kneel. The employee may occasionally be required to lift and/or move up to 15 pounds. Specific vision abilities required by this job include clarity of vision at approximately 20 inches or less (i.e., working with small objects or reading small print), including the use of computers.
- ...innovative AI and cloud solutions, is seeking a dedicated Cloud DevOps Engineer to join their team. As a Cloud DevOps Engineer, you will be... ...Location: Remote What's the Job? Implement DevSecOps practices across CI/CD pipelines (Azure DevOps) for AI/ML workloads...SuggestedWeekly payFull timeContract workTemporary workRemote workFlexible hours
$155k - $185k
...DevSecOps Engineer Dark Wolf is seeking a DevSecOps Engineer to accelerate the secure delivery of mission-critical software by embedding DevSecOps practices directly into the development pipeline. The focus for this individual will be on automating deployment and security...SuggestedFull timeFor contractorsWork experience placement$116.9k - $243.1k
...training and more. Join us to drive positive, lasting change that moves missions and the government forward! The work As a DevSecOps Engineer, you will play a pivotal role in advancing operational AI adoption by implementing and maintaining secure, automated CI/CD...SuggestedLive inWork at officeLocal area$114.6k - $190.2k
...with MANTECH! ***This is for a future opportunity*** MANTECH seeks motivated, career, and customer-oriented DevSecOps Engineer for a new initiative within the National Capital Region. This effort supports the rapid design, deployment, operation, and...SuggestedHourly payContract workTemporary workWork experience placementWork at officeLocal areaRemote work- ...Mid-Level DevSecOps Engineer Position Summary KeenLogic is seeking a Mid-Level DevSecOps Engineer to support the Congressional Budget Office (CBO) by designing, automating, securing, and maintaining cloud and hybrid infrastructure environments. The engineer will...SuggestedFor contractorsWork at officeRemote work
- ...DevSecOps Engineer This position is part of a proposal submission and is contingent upon contract award. Location: Arlington, VA (Hybrid) Clearance: DHS Suitability Description: Integrate security into all stages of the software development lifecycle...Contract work
$128.04k - $173.23k
...Devsecops Engineer Location: USA DC Washington Full Part/Time: Full time Job Req: RQ220269 Type of Requisition: Pipeline Clearance Level Must Currently Possess: Top Secret Clearance Level Must Be Able to Obtain: Top Secret/SCI Public Trust/Other Required: None Job...Full timeTemporary workPart timeWork at officeImmediate startRemote workFlexible hours- ...DevSecOps Engineer About Essnova Solutions Essnova Solutions is a fast-growing federal contractor delivering innovative technology, cybersecurity, cloud, and digital transformation solutions to Federal Government customers. We are seeking a DevSecOps Engineer to...For contractors
$65.59k - $136.65k
...you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. We are currently seeking a DevSecOps Engineer to join our team in Bethesda (REMOTE), Maryland (US-MD), United States (US). Job Summary: The DevSecOps Engineer is responsible...Contract workTemporary workWork at officeRemote workFlexible hours- ...DevSecOps Engineer The DevSecOps Engineer serves as the lead technical engineer responsible for the automation, continuous integration/continuous deployment (CI/CD), and security posture of the cloud infrastructure for the Office of Naval Research (ONR) Comptroller...Temporary workWork at officeImmediate startFlexible hours
- Security Monitoring & Incident Response Monitor access and security events across infrastructure and applications. Lead incident response and forensic investigations for cybersecurity events. Manage and update role-based access matrices and privileged access controls...
- ...Overview The DevSecOps Engineer supports the planning, analysis, and implementation activities required to migrate federal government applications into the CyberArk Privileged Access Management (PAM) platform. This role is responsible for providing technical insight into...Shift work
$112.8k - $257k
The Opportunity Everyone is trying to "harness the cloud," but not everyone knows how. As a cloud computing application architect, you know how to create a cloud-based technical architecture that meets client needs and takes advantage of cloud capabilities. We need you...Contract workLocal area- ...Qualifications At least 6 years of experience as a DevSecOps Engineer or similar role, with a focus on integrating security into the software development lifecycle. Experience building DevSecOps solutions at scale across multiple classification domains (IL5 to IL6+) simultaneously...
- helsing.ai in Washington, D.C. is looking for a security-focused engineer to integrate security into its developer platform. You will work on maintaining secure CI/CD pipelines and ensuring compliance with CMMC Level 2. The ideal candidate has 5+ years in security engineering...Flexible hours
- ...Our team thrives on turning tricky problems into solutions that are practical, accessible and performant. About This Position DevSecOps Engineers at BLEN play a pivotal role in our modernization program, implementing and maintaining robust Continuous Integration/...
- ...Washington, DC, US 4 days ago Requisition ID: 1315 Position Summary Softtek Government Solutions (SGS) is seeking a Mid-Level DevSecOps Engineer to support the Congressional Budget Office (CBO) DevSecOps Engineering Services task order. CBO maintains a hybrid cloud...Full timeWork at officeLocal areaRemote workShift work
$62k - $141k
Job Number: R0238942 DevSecOps Engineer The Opportunity As a DevOps engineer, you know how to set up cloud environments and provision computer networking, storage, and virtual networks—ultimately, how to "harness the cloud." We’re looking for a DevOps infrastructure engineer...Local area- Phoenix Oversight Group LLC in Arlington, Virginia is seeking a DevSecOps Engineer to support the migration of federal applications into the CyberArk Privileged Access Management platform. The role requires strong technical skills and collaboration with multiple teams...
$74k - $150k
Idtus, located in Arlington, VA, is looking for a DevSecOps Engineer to enhance the developer experience by improving CI/CD processes and ensuring compliance within classified environments. The ideal candidate will have a Bachelor’s degree in a related field and at least...Full time- COMFORT SYSTEMS is seeking a Systems Engineer in Arlington, VA, to support the Defense Information Systems Agency. The role focuses on... ...including integrating ICAM services and applying DevSecOps practices. The ideal candidate will have extensive experience...
$126.1k - $227.95k
...decision intelligence. We're the minds behind the mission‑critical systems that keep our nation secure. Opportunity: Senior DevSecOps Engineer We're seeking a Senior DevSecOps Engineer to spearhead cloud initiatives for the United States Coast Guard at C5ISC in Alexandria...- ...committed to embodying these principles in every facet of our work. Position Overview Reporting to the Program Manager, the DevSecOps Engineer augments the CBO engineering team to extend infrastructure automation and secure delivery in a hybrid cloud environment. Maintains...Remote workShift work
- PingWind is seeking a DevSecOps professional based in Alexandria, Virginia, responsible for designing and implementing secure pipelines and automated environments. Candidates should have 10 years of relevant experience and a BS/BA degree, with a Secret Clearance required...
$94.1k - $161.2k
Position Overview The DevSecOps Engineer, Mid provides engineering leadership to design, secure, and automate delivery pipelines and infrastructure that support mission‑critical applications. This role owns CI/CD workflows that integrate build, test, and security controls...Contract workWork experience placementWork at officeRemote work- A leading technology services provider is looking for a DevSecOps professional in Alexandria, VA. This role entails designing and implementing secure DevSecOps pipelines that ensure reliable operations of dashboards for federal projects. Required qualifications include...
- ...Praescient Analytics is a leader in delivering advanced analytic, data engineering, and technology integration solutions in support of the... ...Overview Praescient Analytics is seeking a Journeyman DevSecOps Engineer to support Army National Guard (ARNG) enterprise modernization...Full time
- Computational Physics, Inc. (CPI) is looking for a Full-Time Software Engineer / DevSecOps Engineer to support our customers at USNO, Washington, DC . Background A DevSecOps Engineer with strong software development fundamentals and a security-first mindset is sought...Full timeTemporary workFor contractorsFlexible hours
- ...the team of men and women that solve some of the world’s most complex technical challenges. The CDAO Advana team is seeking an DevSecOps Engineer to join their efforts in the DC area. Advana is the Chief Digital and Artificial Intelligence Office’s (CDAO) enterprise-...Work at officeFlexible hours
$120k - $140k
DevSecOpsEngineer (REMOTE) ROLE We need an experienced DevSecOps Engineer at the U.S. Securities and Exchange Commission (SEC). The SEC’s Division of Corporation Finance reviews public company filings to ensure investors receive the material information they need to make...Full timeContract workRemote workRelocationRelocation package
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to DevSecOps Engineer. Be the first to apply!

