Jobs for People with MS: National MS Society

DevSecOps Engineer

Work Location: Onsite in Washington, DC

Clearance : Active TS//SCI with CI poly

As a DevSecOps Engineer, you’ll b e an experienced DevSecOps Engineer and will play a critical role in designing, implementing, and maintaining secure and efficient software development and deployment pipelines. You will collaborate with cross-functional teams to integrate security practices seamlessly into the development and operations lifecycle, ensuring the delivery of high-quality, secure, and reliable software solutions.

If you think you can see yourself delivering our mission and pursuing our goals with us, then check out the job description below!

What you’ll do:

• Collaborate with development, operations, and security teams to integrate security practices into the software development lifecycle.

• Design, implement, and maintain CI/CD pipelines that incorporate automated security testing, vulnerability scanning, and compliance checks.

• Develop and maintain infrastructure as code (IaC) templates and configurations, ensuring security best practices are applied to cloud resources and infrastructure components.

• Perform regular security assessments, code reviews, and penetration testing to identify and address vulnerabilities and weaknesses in applications, code, and infrastructure.

• Monitor and analyze system and application logs to detect and respond to security incidents.

• Implement and manage identity and access management (IAM) solutions, ensuring appropriate authentication and authorization mechanisms are in place.

• Collaborate with software engineers to provide guidance on secure coding practices and assist in remediation of security findings.

• Participate in incident response activities, helping to investigate and mitigate security incidents in a timely manner.

• Contribute to the development and maintenance of security policies, procedures, and documentation.

  What you’ll need to succeed:

• Active TS/SCI Clearance with CI poly

• At least 6 years of experience as a DevSecOps Engineer or similar role, with a focus on integrating security into the software development lifecycle.

• Experience building DevSecOps solutions at scale across multiple classification domains (IL5 to IL6+) simultaneously

• Strong understanding of DevOps practices, CI/CD pipelines, and automation tools (e.g., Jenkins, GitLab CI/CD, Artifactory, SonarQube, Selenium).

• Experience with infrastructure as code (IaC) tools such as Terraform, CloudFormation, or Ansible.

• Familiarity with cloud platforms (e.g., AWS, Azure, GCP) and securing cloud-based applications and services.

• Solid understanding of containerization and orchestration technologies (e.g., Docker, Kubernetes, OpenShift, EKS) and securing containerized applications.

• Hands-on experience with security tools for static code analysis, dynamic application security testing (DAST), and vulnerability scanning, using tools such as Fortify, Acunetix, and Prisma Cloud

• Proficiency in scripting languages (e.g., Python, Bash) for automation and tool integration.

• Knowledge of security best practices, common vulnerabilities, and exposure to security frameworks (e.g., OWASP, NIST).

• Strong problem-solving skills and the ability to work effectively in a fast-paced, collaborative environment.

• Excellent communication skills, both written and verbal, with the ability to convey complex security concepts to technical and non-technical stakeholders.

  #M2

System One, and its subsidiaries including Joulé, ALTA IT Services, CM Access, TPGS, and MOUNTAIN, LTD., are leaders in delivering workforce solutions and integrated services across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible full-time employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.

System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.