DevSecOps ENGINEER with Security Clearance
Auto ImportApply Now
DEVSECOPS ENGINEER WITH SECURITY CLEARANCEApply Now
COUNTRY
United States
FORMAT
Remote
Svitla Systems Inc. is looking for a DevSecOps Engineer for a full-time remote position (40 hours per week) in the USA. Our client is a cloud-native cybersecurity company that helps organizations automatically and continuously minimize the attack surface of their cloud workloads.You'll design, deploy, and maintain secure, cloud-native infrastructure supporting Department of War customers. You will work across container platforms, CI/CD pipelines, and government cloud environments to deliver hardened, compliant software systems at scale. This role sits at the intersection of platform engineering, security, and DevSecOps and requires a strong understanding of DoW policies, toolchains, and accreditation processes.
This position supports U.S. Department of War programs and may require a valid security clearance. A candidate must be a U.S. citizen. Applicants are subject to a background investigation in accordance with federal requirements.
Technical Environment:
- Container Orchestration: Kubernetes (EKS, AKS, RKE2, OpenShift);
- Package Management: Helm, Kustomize;
- Policy & Mesh: Istio, OPA Gatekeeper, Kyverno, Calico;
- CI/CD: GitLab CI/CD, GitHub Actions, Jenkins;
- Cloud: AWS GovCloud (East/West), Azure Government
- Registries: Iron Bank/registry-1, Harbor, Quay, AWS ECR;
- Observability: Prometheus, Grafana, Datadog, Loki, OpenTelemetry
- Security Scanning: Trivy, Grype, Anchore, RapidFort, Twistlock/Prisma;
- IaC: Terraform, Ansible, Crossplane.
- 4+ years of hands-on experience with Kubernetes in production environments.
- Demonstrated experience deploying and managing applications via Helm in multi-environment configurations.
- Working knowledge of Istio, OPA Gatekeeper, Kyverno, or equivalent Kubernetes policy and service mesh tooling.
- Knowledge of at least one major CI/CD platform: GitLab CI, GitHub Actions, Jenkins, or equivalent.
- Hands-on experience with AWS and/or Azure cloud platforms, including IAM, networking, storage, and managed Kubernetes services (EKS, AKS).
- Understanding of container image workflows: building, scanning, hardening, and distributing images via OCI registries.
- Understanding of monitoring and observability tools, including Prometheus, Grafana, and/or Datadog.
- Experience with Single Sign-On (SSO) and identity federation; familiarity with Keycloak or equivalent OIDC/SAML providers.
- Active DoW security clearance (secret or higher).
- Familiarity with Iron Bank, registry-1, Platform One, or Big Bang-based software factory environments.
- Familiarity with GitLab Ultimate features, including security dashboards and dependency scanning.
- Experience supporting Air Force, Space Force, Navy, or other military branch programs.
- Exposure to software supply chain security tooling: Sigstore/cosign, vulnerability scanners, SBOM generation, and compliance scanning tools.
- Prior experience working with Cato, continuous authorization, or Ongoing Authorization environments.
- CKA, CKS, AWS GovCloud certifications, or equivalent credentials
- Experience with AWS GovCloud and/or Azure Government.
- Understanding of DoD compliance frameworks: NIST 800-53, STIGs, RMF, FedRAMP.
- Design and maintain Kubernetes-based infrastructure, including cluster provisioning, RBAC configuration, network policy, and workload management.
- Package and deploy applications using Helm charts; maintain chart repositories and manage release lifecycle across environments.
- Implement and enforce policy controls using Istio service mesh, OPA Gatekeeper, Kyverno, and related Kubernetes admission controllers.
- Build and maintain CI/CD pipelines using GitLab CI, GitHub Actions, Jenkins, or equivalent tooling; integrate automated security scanning and compliance gates.
- Deploy and operate workloads on AWS GovCloud and Azure Government; architect for high availability, disaster recovery, and cross-region compliance requirements.
- Manage and harden container images; integrate with Iron Bank, Platform One, and other DoW-approved registry sources.
- Configure and maintain observability stacks, including Prometheus, Grafana, and Datadog; develop alerting, dashboards, and SLO frameworks.
- Participate in ATO processes, support STIG/CIS compliance scanning, and contribute to System Security Plans (SSPs) and documentation artifacts.
- Collaborate with development, security, and program teams to establish a