DevSecOps Engineer

Your growth matters to us - explore our career development opportunities.

BE EMPOWERED TO SUCCEED

Connect with others in our people-first culture and enhance our collective ingenuity.

SUPPORT YOUR WELLBEING

Learn how we’ll support you as you pursue a balanced, fulfilling life.

YOUR CANDIDATE JOURNEY

Discover what to expect during your journey as a candidate with us. The Opportunity Today’s dynamic technology landscape demands constant and rapid innovation. To facilitate this transformation, we must ensure continuous integration and application development. That’s why we need an experienced DevOps engineer who’s eager to design, test, and program critical applications for our clients who need them most. This is an opportunity to broaden your experience in software engineering while helping to develop software that will transform workflows and make a real impact. We invest in technology—and in you—providing continuing education resources, tuition assistance, and tech development programs to keep your skills sharp at the leading edge of tech. What You’ll Work On Integrate and enhance security into our software delivery pipelines using DevSecOps practices. Serve as a technical expert, using secure development practices and delivering continuous improvement across our CI/CD ecosystem. Evolve and secure CI/CD pipelines by integrating automated security tools such as SAST, DAST, SCA, and container scanning to meet DoD requirements and reduce operational risk. Refine vulnerability detection thresholds, tune scanners, reduce false positives, and optimize remediation workflows. Harden Infrastructure-as-Code templates, enforce policy‑as‑code, conduct risk assessments, and contribute to system security plans and continuous authority‑to‑operate efforts. Collaborate with development, operations, and security teams to support secure software delivery. Monitor pipeline activity for anomalies and assist in responding to security incidents. Champion Zero‑Trust principles and drive adoption of secure‑by‑design methodologies across the software development lifecycle. You Have 5+ years of experience in cybersecurity engineering and DevSecOps in federal or defense environments employing IaC/CaC, CI/CD, and SSDLC concepts. 3+ years of experience in scripting, including Python or Bash, and automation frameworks. 2+ years of experience implementing cybersecurity solutions in AWS cloud and container orchestration, including Kubernetes. Knowledge of best‑practice cybersecurity and threat‑based frameworks, including AI/ML security best practices. Knowledge of NIST SP 800‑53 controls, RMF compliance, eMASS, STIG Manager, STIG Viewer, and SCAP tools. Knowledge of Agile and Change Management methodologies. Security+ Certification. Bachelor’s degree in Cybersecurity or Computer Science. Top Secret clearance (required). Nice If You Have 3+ years of experience reviewing code samples and applying whitelisting or exemption processes. Experience developing Zero‑Trust security solutions for DevSecOps pipelines. Experience evaluating security tools and assessing fit for inclusion in development or operational environments. Excellent verbal, technical writing, and documentation skills. TS/SCI clearance. Master’s degree in an IT or Cybersecurity field. AWS Solutions Architect, AWS Security, or CISSP Certification. Clearance Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information. Top Secret clearance is required. Compensation Salary ranges from $77,600.00 to $176,000.00 (annualized USD). Benefits include health, life, disability, financial, and retirement options, paid leave, professional development, tuition assistance, and work‑life programs. Commitment to Non‑Discrimination All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran, or any other status protected by applicable federal, state, local, or international law. Work Model Remote: Remote work may require occasional onsite duty at a Booz Allen or customer facility. Hybrid: Employees will be expected to work from a Booz Allen facility frequently, with occasional customer visits. Onsite: Work will primarily be performed at a Booz Allen office or customer facility. #J-18808-Ljbffr Booz Allen Hamilton