Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

DevSecOps Engineer

$165k - $195k

Rumble

DevSecOps Engineer

Rumble Cloud is seeking a DevSecOps Engineer to embed security throughout the software development lifecycle for our cloud platform and customer-facing services. This is a hands-on engineering role that owns our Secure Software Development Lifecycle (SSDLC) end to end: you'll design it, operate it, partner with engineering teams to remediate vulnerabilities, and continuously harden the CI/CD pipelines that ship Rumble Cloud to production.

Our platform is built on OpenStack and Ceph, and this role sits at the intersection of application security, platform engineering, and developer enablement. You should be comfortable reviewing pipeline configurations, triaging SAST, DAST, SCA, and container scanning findings with developers, and driving practical security improvements across Python, Go, and TypeScript codebases without becoming a bottleneck to delivery.

You'll work closely with application, platform, and infrastructure teams, with architectural guidance from our Software Architect, to make security a core part of how we build and ship software. That includes defining secure coding standards, integrating automated security tooling into CI/CD, improving software supply chain integrity, supporting audit readiness, and helping engineers make sound, scalable security decisions in a fast-moving cloud environment.

Responsibilities
  • Own the SSDLC end to end, including secure coding standards, threat modeling, security gates, policy-as-code, and documentation suitable for audits, in partnership with the Software Architect in an advisory capacity.
  • Drive vulnerability identification, triage, and remediation across Python, Go, and TypeScript/React codebases, partnering directly with engineers to prioritize and fix issues effectively.
  • Design, harden, and optimize CI/CD pipelines using tools such as GitHub Actions, GitLab CI, Jenkins, or similar systems, ensuring security controls are integrated cleanly into developer workflows.
  • Integrate and operate security tooling across the software delivery lifecycle, including SAST, DAST, SCA, secret scanning, container scanning, and dependency analysis.
  • Implement secure software supply chain practices such as signed artifacts, SBOM generation, provenance controls, and related guardrails for build and release processes.
  • Manage secrets, credentials, and signing keys used by build and deployment pipelines, applying least-privilege access, rotation, and secure storage practices.
  • Partner with engineering teams to review code, assess risk, and recommend practical remediation approaches that improve security without unnecessarily slowing delivery.
  • Support security incident response and post-incident follow-up for application and platform issues, helping identify root causes and drive durable fixes.
  • Contribute to audit readiness and evidence collection for frameworks such as ISO 27001, SOC 2, PCI DSS, or FedRAMP, especially where CI/CD controls and engineering practices are in scope.
  • Mentor engineers on secure development practices and help establish a culture where security is built into design, implementation, and release processes from the start.
Qualifications
  • Experience in a DevSecOps, application security, or product security role, including designing and operating a Secure Software Development Lifecycle (SSDLC).
  • Hands-on experience with CI/CD systems such as GitHub Actions, GitLab CI, Jenkins, or similar, including pipeline design, optimization, and hardening.
  • Strong knowledge of application security tooling including SAST, DAST, SCA, and container scanning, along with a practical understanding of the OWASP Top 10.
  • Ability to read and review code in at least one of Python, Go, or TypeScript and to work directly with developers on remediation.
  • Experience with Docker and Kubernetes, secrets management systems such as Vault, and authentication patterns such as OAuth2 and OpenID Connect.
  • Strong communication and collaboration skills, with the ability to influence engineering teams and drive secure practices without direct authority.
Preferred Qualifications
  • Security certifications such as CSSLP, OSCP, GWAPT, CISSP, or equivalent.
  • Experience with software supply chain security practices and tooling, including SLSA, Sigstore/cosign, and SBOM generation or validation.
  • Familiarity with OpenStack, Ceph, or other large-scale open-source infrastructure platforms.
  • Experience supporting audits or compliance initiatives such as ISO 27001, SOC 2, PCI DSS, or FedRAMP, including evidence collection tied to CI/CD and engineering controls.
  • Experience with threat modeling methodologies such as STRIDE or PASTA, and with IaC security scanning across Terraform, Ansible, and Kubernetes manifests.
  • Familiarity with multi-tenant SaaS or public cloud environments, and experience operating Rocky Linux or Ubuntu in production.

Annual Compensation Range:

$165,000 - $195,000 USD base + benefits + equity (If based in the United States)

$122,000 - $158,000 CAD base + benefits + equity (If based in Canada)

Note: The salary range listed for this position is a good faith estimate based on experience, qualifications, and internal compensation structure. The actual salary offered varies depending on the candidate's skill level and experience. This posting refers to an active vacancy within the organization.

Why Our Team Loves Working Here:

  • We are making a significant financial impact for our video creator community; we're proud of their success stories
  • We enjoy challenging the status quo and going head-to-head against Big Tech
  • We aren't afraid to try new things; we act fast and want to win
  • We pay competitive salaries and provide great benefits

EEO Statement: Rumble is an equal opportunity employer. We promote an equal playing field where everyone has the same opportunities regardless of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability status, or any other applicable characteristics protected by law. Rumble is an active participant in the e-verify program.

Physical demands of the position: While performing the duties of this job, the employee is regularly required to sit for prolonged periods of time while using a computer and/or keyboard. The employee is required to communicate verbally and hear. The employee is required to walk, reach with hands and arms, balance, and stoop or kneel. The employee may occasionally be required to lift and/or move up to 15 pounds. Specific vision abilities required by this job include clarity of vision at approximately 20 inches or less (i.e., working with small objects or reading small print), including the use of computers.

Vacancy posted 22 hours ago
Similar jobs that could be interesting for youBased on the DevSecOps Engineer in Washington DC vacancy
  •  ...innovative AI and cloud solutions, is seeking a dedicated Cloud DevOps Engineer to join their team. As a Cloud DevOps Engineer, you will be...  ...Location: Remote What's the Job? Implement DevSecOps practices across CI/CD pipelines (Azure DevOps) for AI/ML workloads... 
    Suggested
    Weekly pay
    Full time
    Contract work
    Temporary work
    Remote work
    Flexible hours

    Experis/Manpower Group

    Hyattsville, MD
    11 hours ago
  • $155k - $185k

     ...DevSecOps Engineer Dark Wolf is seeking a DevSecOps Engineer to accelerate the secure delivery of mission-critical software by embedding DevSecOps practices directly into the development pipeline. The focus for this individual will be on automating deployment and security... 
    Suggested
    Full time
    For contractors
    Work experience placement

    Dark Wolf Solutions

    Arlington, VA
    11 hours ago
  • $116.9k - $243.1k

     ...training and more. Join us to drive positive, lasting change that moves missions and the government forward! The work As a DevSecOps Engineer, you will play a pivotal role in advancing operational AI adoption by implementing and maintaining secure, automated CI/CD... 
    Suggested
    Live in
    Work at office
    Local area

    Accenture

    Arlington, VA
    4 days ago
  • $114.6k - $190.2k

     ...with MANTECH! ***This is for a future opportunity*** MANTECH seeks motivated, career, and customer-oriented DevSecOps Engineer for a new initiative within the National Capital Region. This effort supports the rapid design, deployment, operation, and... 
    Suggested
    Hourly pay
    Contract work
    Temporary work
    Work experience placement
    Work at office
    Local area
    Remote work

    ManTech International Corporation

    Washington DC
    2 days ago
  •  ...Mid-Level DevSecOps Engineer  Position Summary  KeenLogic is seeking a Mid-Level DevSecOps Engineer to support the Congressional Budget Office (CBO) by designing, automating, securing, and maintaining cloud and hybrid infrastructure environments. The engineer will... 
    Suggested
    For contractors
    Work at office
    Remote work

    Keen Logic

    Washington DC
    10 hours ago
  •  ...DevSecOps Engineer This position is part of a proposal submission and is contingent upon contract award. Location: Arlington, VA (Hybrid) Clearance: DHS Suitability Description: Integrate security into all stages of the software development lifecycle... 
    Contract work

    Silo Smashers

    Arlington, VA
    3 days ago
  • $128.04k - $173.23k

     ...Devsecops Engineer Location: USA DC Washington Full Part/Time: Full time Job Req: RQ220269 Type of Requisition: Pipeline Clearance Level Must Currently Possess: Top Secret Clearance Level Must Be Able to Obtain: Top Secret/SCI Public Trust/Other Required: None Job... 
    Full time
    Temporary work
    Part time
    Work at office
    Immediate start
    Remote work
    Flexible hours

    General Dynamics

    Washington DC
    10 hours ago
  •  ...DevSecOps Engineer About Essnova Solutions Essnova Solutions is a fast-growing federal contractor delivering innovative technology, cybersecurity, cloud, and digital transformation solutions to Federal Government customers. We are seeking a DevSecOps Engineer to... 
    For contractors

    Essnova Solutions

    Washington DC
    1 day ago
  • $65.59k - $136.65k

     ...you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now. We are currently seeking a DevSecOps Engineer to join our team in Bethesda (REMOTE), Maryland (US-MD), United States (US). Job Summary: The DevSecOps Engineer is responsible... 
    Contract work
    Temporary work
    Work at office
    Remote work
    Flexible hours

    NTT America

    Bethesda, MD
    3 days ago
  •  ...DevSecOps Engineer The DevSecOps Engineer serves as the lead technical engineer responsible for the automation, continuous integration/continuous deployment (CI/CD), and security posture of the cloud infrastructure for the Office of Naval Research (ONR) Comptroller... 
    Temporary work
    Work at office
    Immediate start
    Flexible hours

    Integral Federal

    Washington DC
    4 days ago
  • Security Monitoring & Incident Response Monitor access and security events across infrastructure and applications. Lead incident response and forensic investigations for cybersecurity events. Manage and update role-based access matrices and privileged access controls...

    Saxon Global

    Washington DC
    10 hours ago
  •  ...Overview The DevSecOps Engineer supports the planning, analysis, and implementation activities required to migrate federal government applications into the CyberArk Privileged Access Management (PAM) platform. This role is responsible for providing technical insight into... 
    Shift work

    Phoenix Oversight Group LLC

    Arlington, VA
    2 days ago
  • $112.8k - $257k

    The Opportunity Everyone is trying to "harness the cloud," but not everyone knows how. As a cloud computing application architect, you know how to create a cloud-based technical architecture that meets client needs and takes advantage of cloud capabilities. We need you...
    Contract work
    Local area

    Phase2 Technology

    Alexandria, VA
    2 days ago
  •  ...Qualifications At least 6 years of experience as a DevSecOps Engineer or similar role, with a focus on integrating security into the software development lifecycle. Experience building DevSecOps solutions at scale across multiple classification domains (IL5 to IL6+) simultaneously... 

    Beyond SOF

    Washington DC
    2 days ago
  • helsing.ai in Washington, D.C. is looking for a security-focused engineer to integrate security into its developer platform. You will work on maintaining secure CI/CD pipelines and ensuring compliance with CMMC Level 2. The ideal candidate has 5+ years in security engineering... 
    Flexible hours

    helsing.ai

    Washington DC
    2 days ago
  •  ...Our team thrives on turning tricky problems into solutions that are practical, accessible and performant. About This Position DevSecOps Engineers at BLEN play a pivotal role in our modernization program, implementing and maintaining robust Continuous Integration/... 

    BLEN

    Washington DC
    1 day ago
  •  ...Washington, DC, US 4 days ago Requisition ID: 1315 Position Summary Softtek Government Solutions (SGS) is seeking a Mid-Level DevSecOps Engineer to support the Congressional Budget Office (CBO) DevSecOps Engineering Services task order. CBO maintains a hybrid cloud... 
    Full time
    Work at office
    Local area
    Remote work
    Shift work

    Aveshka Inc

    Washington DC
    22 hours ago
  • $62k - $141k

    Job Number: R0238942 DevSecOps Engineer The Opportunity As a DevOps engineer, you know how to set up cloud environments and provision computer networking, storage, and virtual networks—ultimately, how to "harness the cloud." We’re looking for a DevOps infrastructure engineer... 
    Local area

    Phase2 Technology

    Arlington, VA
    4 days ago
  • Phoenix Oversight Group LLC in Arlington, Virginia is seeking a DevSecOps Engineer to support the migration of federal applications into the CyberArk Privileged Access Management platform. The role requires strong technical skills and collaboration with multiple teams... 

    Phoenix Oversight Group LLC

    Arlington, VA
    4 days ago
  • $74k - $150k

    Idtus, located in Arlington, VA, is looking for a DevSecOps Engineer to enhance the developer experience by improving CI/CD processes and ensuring compliance within classified environments. The ideal candidate will have a Bachelor’s degree in a related field and at least... 
    Full time

    Idtus

    Arlington, VA
    22 hours ago
  • COMFORT SYSTEMS is seeking a Systems Engineer in Arlington, VA, to support the Defense Information Systems Agency. The role focuses on...  ...including integrating ICAM services and applying DevSecOps practices. The ideal candidate will have extensive experience... 

    COMFORT SYSTEMS

    Arlington, VA
    1 day ago
  • $126.1k - $227.95k

     ...decision intelligence. We're the minds behind the mission‑critical systems that keep our nation secure. Opportunity: Senior DevSecOps Engineer We're seeking a Senior DevSecOps Engineer to spearhead cloud initiatives for the United States Coast Guard at C5ISC in Alexandria... 

    Leidos

    Alexandria, VA
    2 days ago
  •  ...committed to embodying these principles in every facet of our work. Position Overview Reporting to the Program Manager, the DevSecOps Engineer augments the CBO engineering team to extend infrastructure automation and secure delivery in a hybrid cloud environment. Maintains... 
    Remote work
    Shift work

    BaseCamp Consulting & Solutions

    Washington DC
    4 days ago
  • PingWind is seeking a DevSecOps professional based in Alexandria, Virginia, responsible for designing and implementing secure pipelines and automated environments. Candidates should have 10 years of relevant experience and a BS/BA degree, with a Secret Clearance required... 

    Dormont Manufacturing Co

    Alexandria, VA
    3 days ago
  • $94.1k - $161.2k

    Position Overview The DevSecOps Engineer, Mid provides engineering leadership to design, secure, and automate delivery pipelines and infrastructure that support mission‑critical applications. This role owns CI/CD workflows that integrate build, test, and security controls... 
    Contract work
    Work experience placement
    Work at office
    Remote work

    ASM Research, An Accenture Federal Services Company

    Washington DC
    2 days ago
  • A leading technology services provider is looking for a DevSecOps professional in Alexandria, VA. This role entails designing and implementing secure DevSecOps pipelines that ensure reliable operations of dashboards for federal projects. Required qualifications include... 

    Medium

    Alexandria, VA
    2 days ago
  •  ...Praescient Analytics is a leader in delivering advanced analytic, data engineering, and technology integration solutions in support of the...  ...Overview Praescient Analytics is seeking a Journeyman DevSecOps Engineer to support Army National Guard (ARNG) enterprise modernization... 
    Full time

    Praescient Analytics

    Arlington, VA
    4 days ago
  • Computational Physics, Inc. (CPI) is looking for a Full-Time Software Engineer / DevSecOps Engineer to support our customers at USNO, Washington, DC . Background A DevSecOps Engineer with strong software development fundamentals and a security-first mindset is sought... 
    Full time
    Temporary work
    For contractors
    Flexible hours

    Computational Physics Inc

    Washington DC
    3 days ago
  •  ...the team of men and women that solve some of the world’s most complex technical challenges. The CDAO Advana team is seeking an DevSecOps Engineer to join their efforts in the DC area. Advana is the Chief Digital and Artificial Intelligence Office’s (CDAO) enterprise-... 
    Work at office
    Flexible hours

    General Dynamics Information Technology

    Washington DC
    1 day ago
  • $120k - $140k

    DevSecOpsEngineer (REMOTE) ROLE We need an experienced DevSecOps Engineer at the U.S. Securities and Exchange Commission (SEC). The SEC’s Division of Corporation Finance reviews public company filings to ensure investors receive the material information they need to make... 
    Full time
    Contract work
    Remote work
    Relocation
    Relocation package

    West 4th Strategy

    Washington DC
    2 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to DevSecOps Engineer. Be the first to apply!