Computer World Services logo

DevSecOps Engineer

Computer World Services
1 day ago
Full-time
On-site
Morrisville, North Carolina, United States

Computer World Services Corp. (CWS) is seeking a highly motivated and technically skilled DevSecOps Engineer responsible for the analysis, design, implementation, automation, security, testing, deployment, and lifecycle management of enterprise applications and supporting infrastructure within the NIEHS environment.

The DevSecOps Engineer combines business systems analysis expertise with modern software engineering, infrastructure automation, cybersecurity, and platform operations capabilities to support secure, scalable, and highly available enterprise applications. This position serves as a key contributor in integrating development, security, and operations practices throughout the Software Development Lifecycle (SDLC), ensuring compliance with Federal security requirements and supporting enterprise modernization initiatives.

The DevSecOps Engineer works closely with software developers, database administrators, systems engineers, cybersecurity personnel, project managers, and business stakeholders to deliver secure, reliable, and automated application solutions supporting NIEHS mission requirements.

Key Tasks & Responsibilities

Engineering and CI/CD Automation

• Design, implement, maintain, and optimize enterprise CI/CD pipelines supporting software development and deployment activities.

• Develop automated workflows for code integration, testing, security validation, packaging, release management, and deployment.

• Administer and support CI/CD platforms including:

  • Jenkins
  • GitLab CI/CD
  • GitHub Actions

• Support source code management platforms and branching strategies.

• Implement deployment automation across development, integration, testing, staging, and production environments.

• Monitor pipeline performance and continuously improve delivery efficiency and reliability.

• Migrate software builds through development, testing, integration, and production environments.

• Monitor deployment activities and remediate deployment failures within established service level agreements.

 

Infrastructure as Code and Automation

• Develop and maintain Infrastructure as Code (IaC) solutions using Terraform.

• Implement automated configuration management using Ansible.

• Develop reusable infrastructure modules, templates, and automation frameworks.

• Automate operational, administrative, and deployment processes.

• Support environment standardization and infrastructure modernization initiatives.

• Implement automated provisioning and configuration management capabilities across enterprise environments.

 

Container Platform Engineering

• Support containerized application deployments using Docker and Kubernetes platforms.

• Administer Rancher-managed Kubernetes environments.

• Manage container image lifecycle processes and private container registries.

• Implement container security best practices and vulnerability remediation procedures.

• Support runtime security monitoring and compliance initiatives.

• Assist application teams with container adoption, deployment patterns, and troubleshooting.

 

Application Security and Integration

• Integrate security controls and automated testing throughout the Software Development Lifecycle.

• Configure and maintain application security tools including:

  • OpenText Fortify (SAST)
  • Dynamic Application Security Testing (DAST)
  • Software Composition Analysis (SCA)
  • Secrets Management and Scanning Tools

• Review vulnerability findings and collaborate with development teams to remediate issues.

• Implement automated security gates and quality control processes.

• Support secure software development initiatives aligned with Federal security requirements.

• Promote DevSecOps best practices across development and operations teams.

 

Vulnerability Management and Compliance

• Support vulnerability management activities using Tenable and related security platforms.

• Conduct vulnerability assessments, remediation tracking, and risk analysis.

• Develop mitigation strategies when vulnerabilities cannot be remediated within required service levels.

• Coordinate mitigation approvals with Information System Security Officers (ISSOs).

• Implement approved mitigation plans following established change management procedures.

• Maintain compliance with:

  • FISMA
  • NIST 800-53
  • NIST Secure Software Development Framework (SSDF)
  • NIH and HHS security policies
  • Zero Trust Architecture principles

• Support audit readiness and compliance reporting activities.

 

Required Technical Skills

CI/CD and Automation

• Jenkins

• GitLab CI/CD

• GitHub Actions

• Git-based Source Control

• Release Management

Infrastructure Automation

• Terraform

• Ansible

• Infrastructure as Code (IaC)

• Configuration Management

Container Technologies

• Docker

• Kubernetes

• Rancher

Security

• OpenText Fortify

• SAST

• DAST

• Software Composition Analysis (SCA)

• Secrets Management

• Tenable Vulnerability Management

Programming and Scripting

• Python

• JavaScript / TypeScript

• Java

• C#

• PHP

• REST APIs

Enterprise Platforms

• Windows Server

• Red Hat Enterprise Linux (RHEL)

• Microsoft SQL Server

• Oracle Database

Education & Experience

Education

  • Bachelor’s degree in Computer Science, Information Systems, Engineering, or related field (or equivalent experience)

Experience

  • Three (3) to seven (7) years of experience in DevOps, DevSecOps, Systems Engineering, Platform Engineering, Infrastructure Automation, or a related technical discipline.
  • Experience building or supporting CI/CD pipelines in enterprise environments.
  • Experience working with Git-based source control systems.
  • Experience supporting Windows and Linux environments.
  • Experience developing automation scripts and tools.

 

Certifications

Below certifications or similar are a plus, but not required:
  • Security+
  • Terraform Associate
  • Certified Kubernetes Application Developer (CKAD)
  • Certified Kubernetes Administrator (CKA)
  • GitLab CI/CD Certification
  • Azure Fundamentals or equivalent cloud certification
  • Certified DevSecOps Professional
  • ITIL Foundation

Security Clearance

  • Applicants must be able to obtain a Public Trust clearance

Computer World Services is an affirmative action and equal employment opportunity employer. Current employees and/or qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, disability, protected veteran status, genetic information or any other characteristic protected by local, state, or federal laws, rules, or regulations.

Computer World Services is committed to the full inclusion of all qualified individuals. As part of this commitment, Computer World Services will ensure that individuals with disabilities (IWD) are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Human Resources at [email protected].

 
We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.