DevSecOps Engineer

Camgian is seeking a motivated DevSecOps Engineer to join our growing engineering team. In this role, you will support compliance-driven security automation, CI/CD pipelines, and infrastructure reliability while embedding security best practices throughout the software development lifecycle. This position is ideal for candidates with foundational DevOps experience who are eager to expand their skills in cybersecurity tools, secure system design, and regulated environments. 

Qualifications: 

• Bachelor’s degree in computer science, Software Engineering, or related field 

• 2–5 years of experience in a DevOps, SRE, or automation-focused role 

• Experience with CI/CD tools (Jenkins, GitLab, Bitbucket) supporting multiple languages (C/C++, Java, Python) 

• Proficiency with source code management, branching strategies, merging, and code review practices 

• Strong familiarity with configuration management and automation tools (Ansible, Helm) 

• Solid Linux fundamentals and scripting experience (Bash, Python) 

• Understanding of secure software development lifecycle (SSDLC) concepts 

• Excellent communication and collaboration skills 

• U.S. citizenship required 

Desired Skills: 

• Knowledge of security scanning tools and methodologies (SAST, DAST, SCA, vulnerability scanning) 

• Tools such as Anchore, Xray, Tenable/Nessus, or equivalent 

• Familiarity with artifact repositories and dependency management (Artifactory or equivalent) 

• Exposure to virtualization technologies (XCP-ng, XEN, KVM, or VMware) 

• Basic understanding of code quality and static analysis tools (SonarQube) 

• Exposure to cloud platforms (AWS, Azure, GCP) and Infrastructure as Code (Terraform) 

• Interest or experience with containerization and orchestration (Docker, Kubernetes) 

• Familiarity with monitoring and observability tools (Prometheus, Grafana) 

• Exposure to secrets management and secure configuration (Vault, AWS Secrets Manager, Kubernetes secrets) 

• Basic understanding of network and application security (TLS, certificates, authentication, authorization) 

• Exposure to compliance frameworks such as NIST 800-53, NIST 800-171, RMF, or similar 

• Experience supporting audits, assessments, or ATO-related activities is a plus 

• Familiarity with centralized logging or SIEM tools (ELK, OpenSearch, Splunk) is a plus 

Responsibilities: 

• Support and maintain automated security scanning workflows across the CI/CD pipeline 

• Collaborate with engineering teams to triage, remediate, and prevent security vulnerabilities 

• Monitor and analyze security scanning results in development, staging, and production environments 

• Maintain and enhance CI/CD pipelines using Jenkins, GitLab, and Bitbucket 

• Automate infrastructure provisioning and configuration using Ansible, Helm, and Infrastructure as Code 

• Support containerization strategies and secure deployments using Docker and Kubernetes 

• Assist with secrets management, credential handling, and secure configuration baselines 

• Support audit preparation, evidence collection, and compliance-related activities 

• Document processes, present findings, incorporate feedback, and contribute to continuous improvement 

• Assist with troubleshooting across development, staging, and production environments with a security-first mindset