DevSecOps Engineer

540 is looking for a DevSecOps Engineer to develop a data transformation and workflow solution for an impactful part of the US Army. You will deploy and operate a replacement for a legacy financial system to the cloud, and innovate new cloud-first solutions for the US Army’s data management ecosystem. 

The ideal candidate will have strong experience in AWS cloud environments and expertise in STIG and ACAS scanning, as well as a security-focused mindset, a deep understanding of infrastructure as code (IaC), and the ability to automate security processes in a cloud-native environment. This role will focus on integrating security into DevOps pipelines, ensuring compliance with security policies, and conducting vulnerability assessments and remediation.

Location: Remote within the continental United States, East Coast working hours with some flexibility afforded. Occasional travel may be required (3-4x annually)
Citizenship & Clearance Requirement: per client requirements, must be a US Citizen with the ability to obtain a DoD Secret clearance
Education Requirement: Bachelor’s Degree in Computer Science or related field
540 Internal Thrive Level: DevSecOps Engineer II or III

WHY 540?

540 is a forward-thinking company that the government turns to in order to #GetShitDone. We do more than talk about it, we break down barriers to innovation and build impactful tech. We’re looking for someone with big ideas, who thrives on innovation and is a self-starter. If you love to learn about and work with new technologies, we want to talk to you.

REQUIRED SKILLS & EXPERIENCE

• 6+ years of experience in DevSecOps, cloud security, or related roles
• Strong AWS experience, including IAM, VPC security, KMS, GuardDuty, and AWS Security Hub
• Experience with STIG hardening and compliance enforcement in cloud and on-prem environments
• Hands-on experience with ACAS (Tenable Nessus SecurityCenter) for vulnerability scanning and remediation
• Proficiency with CI/CD tools such as GitLab CI/CD, Jenkins, or AWS CodePipeline
• Experience with infrastructure as code (IaC) best practices using tools such as Terraform, AWS CloudFormation, or Ansible
• Experience with scripting and automation (Python, Bash, PowerShell, etc.)
• Familiarity with compliance frameworks (NIST 800-53, FedRAMP, DoD RMF)
• Experience with container security for Kubernetes, Docker, or AWS ECS/EKS
• Strong knowledge of security monitoring tools (SIEM, IDS/IPS, etc.)
• Currently hold or have the ability to obtain CompTIA Security+ and AWS Cloud Practitioner (or similar) certification within 3 months of employment
• Excellent problem-solving skills and ability to work in a collaborative team environment

NICE TO HAVE SKILLS & EXPERIENCE

• Security certifications such as CISSP, CEH, Security+, AWS Security Specialty
• Held a CAC/PIV and/or DoD security clearance within the last 24 months
• Experience with log management tools
• Familiarity with DevSecOps frameworks and best practices
• Experience working in government or DoD environments

BENEFITS & PERKS

• 100% covered health, dental and vision premium for employees, optional dependent coverage
• Flexible Spending Account (FSA)
• 401k with employer match
• Company Sponsored Life Insurance, Short and Long Term Disability coverage
• Flexible PTO + all Federal holidays off
• Home Office allowance
• Reimbursement for trainings / certifications
• Paid cloud developer accounts
• Referral Bonus - good people know good people
• Annual Social Events (540 week, hackathon, charity golf tournament, etc.)
• Access to 540’s Washington Capitals & Nationals tickets

EQUAL EMPLOYMENT OPPORTUNITY (EEO)

540's policy is to provide equal employment opportunity to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.