ForgeApply · Job listing
Senior DevSecOps Engineer
Trexsolutions
Apply in about a minute — without sacrificing quality.
ForgeApply autofills this application and tailors your resume to this exact posting. You review everything before it's sent. Free trial, no card required.
About this role
T-Rex Solutions is seeking a Senior DevSecOps Engineer to support our FDIC customer. This role is primarily remote with potential for occasional meetings at FDIC HQ in Arlington, VA as needed.
Responsibilities:
• DevSecOps Engineering and Automation
• Design, develop, implement, and maintain enterprise DevSecOps solutions that integrate development, security, testing, and operations capabilities.
• Build and optimize CI/CD pipelines that support automated software builds, testing, security scanning, deployment, and release management.
• Support software development teams by integrating security, compliance, and quality controls throughout the SDLC.
• Develop and maintain Infrastructure as Code (IaC) solutions to automate provisioning, configuration, and management of cloud and on-premises infrastructure.
• Implement automated deployment and configuration management processes to improve consistency, reliability, and scalability.
• Participate in the design, configuration, testing, administration, and monitoring of enterprise DevSecOps toolchains.
• Research, evaluate, and recommend emerging DevSecOps technologies, tools, frameworks, and best practices.
• Security Integration
• Embed security controls and compliance requirements into all phases of the SDLC.
• Integrate and maintain application security tools and processes, including: Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), Container and image scanning, Secret detection and credential management, Infrastructure security scanning, and Fuzz testing
• Support implementation of Zero Trust security principles across development and operational environments.
• Ensure compliance with federal cybersecurity requirements and security engineering best practices.
• Assist with vulnerability identification, remediation planning, risk mitigation, and security reporting.
• Support audit readiness activities and compliance documentation requirements.
• Automated Testing and Quality Engineering
• Develop and lead enterprise testing automation strategies integrated within DevSecOps pipelines.
• Implement automated functional, integration, regression, performance, load, and security testing capabilities.
• Enable self-service testing capabilities for product teams and development organizations.
• Establish and maintain testing frameworks, automation standards, and quality assurance processes.
• Define and implement test coverage metrics, quality gates, pass/fail criteria, and release readiness requirements.
• Champion shift-left testing practices by integrating validation and testing activities early in the SDLC.
• Promote continuous improvement of test plans, test data management processes, and automated testing frameworks.
• Ensure traceability between requirements, work items, source code, test cases, vulnerabilities, risk mitigation activities, and releases.
• Analyze and report testing outcomes, quality trends, vulnerabilities, and performance metrics to stakeholders and leadership.
• Technical Leadership
• Provide technical leadership and mentorship to software engineers, DevSecOps practitioners, testers, and operations personnel.
• Serve as a subject matter expert for DevSecOps methodologies, toolchains, automation frameworks, and software engineering best practices.
• Support architecture reviews, design discussions, technical evaluations, and modernization initiatives.
• Collaborate with Solution Architects, Security Architects, Product Owners, and technical teams to ensure alignment with organizational goals.
Requirements :
• Bachelor's degree in Computer Science, Software Engineering, Computer Engineering, Information Systems, Cybersecurity, or a related technical field.
• Minimum of 8 years of experience in software engineering, DevOps, DevSecOps, cloud engineering, cybersecurity engineering, or related disciplines.
• Demonstrated experience implementing DevSecOps practices within enterprise environments, supporting complex application development and modernization initiatives.
• Experience developing and maintaining CI/CD pipelines and deployment automation frameworks.
• Experience integrating automated testing and security controls into software delivery processes.
• Experience supporting hybrid cloud and on-premises environments.
• Strong understanding of Agile software development methodologies.
• Extensive experience with DevSecOps tools, automation frameworks, and software delivery platforms.
• Strong knowledge of Microsoft Azure
• Experience with the following toolset: GitHub Enterprise Server/Cloud, JFrog Artifactory, JFrog Xray, SonarQube, GitHub Advanced Security, GitHub Copilot, and Subject7
• Knowledge of containerization and infrastructure technologies including Azure Kubernetes Services (AKS), Virtual Machines, Application Gate Way, App Services, Key Vaults, ServiceNow, CyberArk, and Terraform
• Proficiency in one or more modern programming and scripting languages such as Java, C#, Python
• Experience with source code repositories, version control systems, and artifact management platforms.
• Strong understanding of:
• Zero Trust Architecture
• Application Security (AppSec)
• NIST 800-53 security controls
• Continuous Monitoring
• Logging and Audit Requirements (M-21-31)
• Knowledge of enterprise testing frameworks and automated quality assurance practices.
• Strong written and verbal communication skills with demonstrated experience briefing senior-level personnel.
• Experience supporting Continuous Authority to Operate (ATO) initiatives.
• Ability to obtain and maintain a Public Trust, suitability determination, or other clearance level required.
Desired Skills:
• One or more of the following certifications are preferred:
• Certified Kubernetes Administrator (CKA)
• Certified Kubernetes Security Specialist (CKS)
• Microsoft Azure DevOps Engineer Expert
• Microsoft Azure Solutions Archite
Ready to apply to Trexsolutions?
Apply in about a minuteSimilar jobs
- Senior DevSecOps Engineer — Klarity-ai · San Francisco (Klarity HQ)
- Senior DevOps Engineer — Beyondfinance · Chicago, IL
- Senior DevOps Engineer — Accenturefederalservices · Colorado Springs, CO
- Senior DevOps Engineer — Raft · Oahu, HI
- Senior DevOps Engineer — Postscript · Remote
- Senior DevOps Engineer — Brandlight · Remote
- Senior DevOps Engineer — Campminder · Boulder, CO or remote
- Senior DevOps Engineer — Matia · Remote