DevSecOps Specialist - TS/SCI + CI Polygraph Required
cFocus Software Incorporated
- Location
- Onsite (Washington, DC)
- Employment
- Full-time
- Level
- Senior Level
Posted 3 days ago
About the Role
cFocus Software is seeking a DevSecOps Specialist to support the Defense Intelligence Agency (DIA). This role involves designing, developing, and implementing secure CI/CD pipelines and DevSecOps practices within development workflows.
Skills
CI/CD Pipelines
Docker
Kubernetes
Terraform
Ansible
CloudFormation
SonarQube
Fortify
Checkmarx
Twistlock
AWS
Azure
SAST
DAST
SCA
Infrastructure as Code
Full job details
cFocus Software seeks a DevSecOps Specialist to join our program supporting the Defense Intelligence Agency (DIA). This position is on site in the Washington DC, MD, & VA area. This position requires a TS/SCI + CI Polygraph clearance.
Qualifications:
Duties:
Qualifications:
- Active TS/SCI + CI Polygraph clearance
- Bachelor's degree in Computer Science, Cybersecurity, or related field with 4-12+ years of experience
- Experience with CI/CD pipelines (Jenkins, GitLab CI, GitHub Actions), container technologies (Docker, Kubernetes), and automated security testing
- Proficient in infrastructure as code (Terraform, Ansible, CloudFormation)
- Implements DevSecOps practices and tools within development workflows
- Experience integrating security scanning tools (SonarQube, Fortify, Checkmarx, Twistlock)
- Knowledge of cloud platforms (AWS, Azure) and security best practices
- Certifications such as Security+, CKA (Certified Kubernetes Administrator), or AWS DevOps Engineer preferred
- Certifications such as CISSP, CEH, or Security+ are highly valuable
Duties:
- Designs, develops, and implements secure CI/CD pipelines integrating security throughout the software development lifecycle.
- Implements DevSecOps practices, automated security testing, and continuous monitoring i11 cloud and on-premise environments.
- Manages containerization (Docker, Kubernetes), infrastructure as code (Terraform, Ansible), and automated deployment processes.
- Performs technical planning, system integration, verification and validation in cyber environments.
- Integrates security tools (SAST, DAST, SCA) into development workflows and ensures compliance with security standards.
- Collaborate with development and security teams to implement shift-left security practices and maintain secure, resilient infrastructure.