Senior DevSecOps Engineer jobs in United States

Guidehouse · 10 hours ago

Senior DevSecOps Engineer

Guidehouse is a company specializing in IT Cyber Security, and they are seeking a technically skilled and compliance-driven DevSecOps Security Analyst to support DevOps work and cybersecurity operations for federal government contracts. The role emphasizes hands-on implementation of system scan policies, configuration of monitoring tools, and ensuring systems meet federal cybersecurity standards.

Advice · Consulting · Management Consulting
No H1B · Security Clearance Required · U.S. Citizen Only

Responsibilities

System Scan Policy Implementation: Develop, configure, and maintain system scan policies using tools such as Nessus, ACAS, and SCAP or the like. Ensure scans align with federal vulnerability management requirements.
Monitoring Tool Configuration & Management: Deploy and manage security monitoring tools (e.g., Splunk, ArcSight, SolarWinds, Google Security Command Center) to support real-time threat detection and log aggregation.
Audit Log Review & Reporting: Generate, analyze, and review audit logs and security reports to identify anomalies and ensure compliance with DHS internal control requirements.
IAM & Access Control: Manage identity and access controls using platforms such as Okta, Google Workspace IAM, and Active Directory. Ensure least privilege and role-based access policies are enforced.
SAST/DAST Scanning & Analysis: Configure and run static and dynamic application security testing tools including Checkmarx, Fortify, Invicti, and WebInspect. Analyze results and coordinate remediation with development teams.
Database Security & Scanning: Use tools like DbProtect to scan and assess database configurations, permissions, and vulnerabilities.
Security Control Assessment: Apply and evaluate NIST SP 800-53 Rev. 5 controls; support control testing and documentation for A&A packages and continuous monitoring.
POA&M Management: Assist in identifying vulnerabilities and tracking remediation efforts through Plans of Action and Milestones (POA&Ms).
Documentation & Communication: Maintain system security documentation including SSPs, boundary diagrams, and scan results; communicate findings to stakeholders and technical teams.
Incident Response Support: Contribute to incident investigations and post-incident reviews; assist in implementing corrective actions and updating audit trails.
AI Security Integration: Evaluate and secure AI/ML applications and pipelines; implement controls for model integrity, data privacy, and adversarial threat mitigation.

Qualification

DevSecOps · Vulnerability Scanning · Security Monitoring · Identity · Access Management · NIST SP 800-53 · SAST/DAST · Cloud Security · CI/CD Security · Analytical Skills · Scripting PowerShell · Scripting Python · Certifications Security+ · Certifications CISSP · Communication Skills · Organizational Skills

Required

U.S. Citizenship and eligibility for a Public Trust or Secret clearance
Six (6) to eight (8) years of experience in Cybersecurity, Information Systems or related field, preferably supporting federal contracts
Experience in implementing and maintaining DevSecOps
Experience in incident response, threat detection, and security monitoring for cloud-hosted web applications and infrastructure
Hands-on experience with vulnerability scanning tools, SIEM platforms, and IAM systems
Working knowledge of OpenShift, Kubernetes and Docker
Knowledge of Google Cloud Platform (GCP)
Experience securing CI/CD pipelines using tools such as GitLab, Jenkins, Harness
Familiarity with SAST, DAST, WebInspect, Invicti
Strong analytical, organizational, and communication skills

Preferred

Certifications: Security+, CAP, CISSP, CySA+, or equivalent
Experience with FedRAMP, DISA STIGs, and CDM tools
Scripting experience (e.g., PowerShell, Python) for automation and log parsing
Experience supporting DHS, DoD, or civilian federal agencies

Benefits

Medical, Rx, Dental & Vision Insurance
Personal and Family Sick Time & Company Paid Holidays
Parental Leave
401(k) Retirement Plan
Group Term Life and Travel Assistance
Voluntary Life and AD&D Insurance
Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts
Transit and Parking Commuter Benefits
Short-Term & Long-Term Disability
Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities
Employee Referral Program
Corporate Sponsored Events & Community Outreach
Care.com annual membership
Employee Assistance Program
Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)
Position may be eligible for a discretionary variable incentive bonus

Company

Guidehouse

Guidehouse offers consulting services for public and commercial markets with expertise in management, technology, and risk consulting.

Funding

Current Stage: Late Stage
Total Funding: $0.75M
Key Investors: Mission Daybreak
2023-11-06 · Acquired
2023-02-16 · Grant · $0.75M

Leadership Team

Scott McIntyre
Chairman and CEO
Alicia Harkness
Partner
Company data provided by Crunchbase