DevSecOps Lead
Description:
Job Description
540 is seeking an experienced DevSecOps Lead to oversee and implement secure, scalable and automated solutions across complex enterprise environments. The ideal candidate brings a well-rounded skill set spanning Configuration Management, Risk Management Framework (RMF), Enterprise Architecture, and Network Engineering, ensuring secure and efficient integration of development, security, and operations practices.
This is a DoD project that supports the Defense Acquisition community in making authoritative and trusted data available for analysis, oversight, insight, and decision-making over a large portfolio of acquisition programs. The team manages a central platform that integrates and shares acquisition data through modern APIs, with front- and back-end tools supporting user interaction and reporting. This single point of access is architected on top of a governed data framework to ensure consistency spanning upstream data providers and downstream data consumers. The platform has officially supplanted its predecessor (having achieved Initial Operating Capability) and is transitioning to Full Operating Capability, requiring an efficient and integrated contractor team to maintain, enhance, sustain, and test the system using Agile and DevSecOps practices.
Location: Must be local to the National Capital Region (NCR). This position offers significant remote flexibility, with occasional onsite meetings in Arlington, VA as required by the customer
Citizenship & Clearance Requirement: per client requirements, must be a US Citizen with an active DoD Secret (or higher) clearance
Education Requirement: Bachelor's Degree
540 Internal Thrive Level: Senior DevSecOps Engineer
WHY 540?
540 is a forward-thinking company that the government turns to in order to #GetShitDone. We do more than talk about it, we break down barriers to innovation and build impactful tech. We're looking for someone with big ideas, who thrives on innovation and is a self-starter. If you love to learn about and work with new technologies, we want to talk to you.
REQUIRED SKILLS & EXPERIENCE
12+ years of overall experience
Strong problem solving and troubleshooting skills
Ability to work independently (as if on an island) with clients, but also be a consummate team player
DevSecOps & Infrastructure:
Proven expertise with CI/CD pipeline management using Jenkins, Gitlab, Docker, and Artifactory
Strong experience with configuration management tools like Ansible
Strong experience with infrastructure as code (IaC) tools like Terraform
Experience providing technical oversight and guidance on containerized applications and microservices, system administration, modernization, and migrations
Hands-on experience with installation, configuration, testing, operation, upgrading, troubleshooting, and maintenance of technologies, and setting up appropriate monitoring and alerting tools
Security & Compliance:
Working knowledge of Risk Management Framework (RMF), STIG compliance/management, and secure DevOps practices
Experience with identity and access management using ADFS/SAML
Understanding of secure software development principles and integration of security controls into DevOps workflows
Cloud & Architecture:
Experience deploying to and managing workloads in cloud environments (Azure preferred)
Expertise in managing the application layer, including virtual machines, network interfaces, application gateways, API management platforms, etc.
Firm understanding of networking concepts
Collaboration & Agile Delivery:
Proficient in using Jira, Jira Service Desk, Slack and Confluence in Agile development environments
Ability to work closely with development teams and provide guidance on release planning, environment configuration, and automation best practices
Certifications:
Currently possesses CompTIA Security+
At least one of the following:
Microsoft Certified: DevOps Engineer Expert
Azure Administrator Associate
AWS Solutions Architect and/or AWS Developer
AWS SysOps Administrator
Azure Database Administrator Associate
Willingness and ability to obtain project-required industry cloud / security certifications within two months of employment and as needed
NICE TO HAVE SKILLS & EXPERIENCE
Kubernetes or other container orchestration tools, to expand container management capabilities beyond Docker
Experience with automated testing frameworks (e.g., JUnit, Selenium, Karma, Jasmine) to support shift-left testing practices
Familiarity with message brokers like RabbitMQ and/or Redis for managing distributed systems and microservice communications
Exposure to ElasticSearch (and ELK stack) for centralized logging, analytics, and search capabilities
Knowledge of Git workflows and branching strategies, including use of Bitbucket or Gitlab
Prior experience supporting Java-based applications, as well as related frameworks and tooling
Understanding of SonarQube for static code analysis and integrating code quality gates in CI/CD pipelines
Familiarity with SQL (PostgreSQL) and NoSQL(MongoDB) databases, as well as general database administration best practices
Background supporting API-first applications or managing API lifecycles built around API management tools like Apigee or Tyk
Experience with cloud migrations, rearchitecture to leverage cloud-native services, and managing resource provisioning and scaling
Prior experience supporting or sustaining platforms in a federal or DoD environment, especially involving secure, regulated, compliance-driven environments and DoD 8000-series information security requirements
BENEFITS & PERKS
Health, dental and vision insurance plans
Flexible Spending Account (FSA)
401k with employer match
Company Sponsored Life Insurance, Short and Long Term Disability coverage
Flexible PTO + all Federal holidays off
Professional development opportunities (training, certifications, conferences)
Paid cloud developer accounts
Referral Bonus - good people know good people
Annual Social Events (540 week, hackathon, charity golf tournament, etc.)
Access to 540's Washington Capitals & Nationals tickets
EQUAL EMPLOYMENT OPPORTUNITY (EEO)
540's policy is to provide equal employment opportunity to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
Full-time
Fully remote