Senior Security Automation Engineer (DevSecOps)
Analogic
- Location
- Onsite (Salem, NH)
- Employment
- Full-time
- Level
- Senior Level
About the Role
Analogic is seeking a Senior Security Automation Engineer to build a modern, greenfield security automation platform. This role offers the opportunity to engineer systems that protect global critical infrastructure and national security.
Skills
Full job details
What You’ll Be Building
You’ll help design and implement a modern security automation platform, including:
- Compliance-as-Code (STIG, CIS, ISO 27001 controls enforced programmatically)
- Immutable, hardened Linux images built through container workflows
- CI/CD pipelines with embedded security gates (GitLab)
- Automated vulnerability management pipelines (scan → triage → remediate → verify)
- Infrastructure-as-Code for security tooling and scanning platforms
This isn’t maintenance work—this is greenfield engineering.
Why This Work Matters
Your code will secure CT-based screening systems deployed globally across:
- Airports
- Border control
- Critical infrastructure
These systems operate in regulated, high-security environments where failures have real-world consequences.
You’re not just building pipelines—you’re protecting national infrastructure at scale.
What You’ll Do
- Build and maintain Ansible-based hardening frameworks (DISA STIG, OpenSCAP)
- Engineer secure CI/CD pipelines with enforced security gates
- Create container-based OS images that pass compliance pre-deployment
- Develop Terraform-managed security infrastructure (Tenable, OpenSearch, Grafana)
- Automate vulnerability remediation pipelines
- Replace manual audit prep with continuous compliance and auto-generated evidence
- Map technical controls directly to ISO 27001 requirements
Tech You’ll Work With
- Ansible, Terraform, GitLab CI/CD
- Linux (RHEL/CentOS ecosystem)
- Containers (Docker/Podman, image pipelines)
- Vulnerability scanning (Tenable/Nessus/OpenVAS)
- OpenSCAP, STIG, CIS benchmarks
- OpenSearch / Grafana
What We’re Looking For
- Experience in DevOps, SRE, or security engineering
- Strong automation mindset—you eliminate manual processes
- Hands-on with infrastructure-as-code and CI/CD pipelines
- Comfortable working in Linux-heavy, production environments
- Experience (or strong interest) in security automation and compliance engineering
What Makes This Different
- Greenfield opportunity – build systems from scratch, not maintain legacy
- Engineering-first security – automation over documentation
- Real-world impact – security that protects global infrastructure
- Cross-functional influence – partner with engineering, cybersecurity, and platform teams
- Modern stack – CI/CD, containers, IaC, and compliance automation
Bottom Line
If you’re a DevOps or SRE engineer who moved into security—or a security engineer who writes real code—this is an opportunity to build something modern, meaningful, and scalable.