Apply on Employer Site

LMI · 4 hours ago

DevSecOps Engineer - Clearance Required

United States

Full-time

Remote

Senior Level, Lead/Staff

$0/yr - $207K/yr

8+ years exp

LMI is a digital solutions provider dedicated to accelerating government impact with innovation and speed. The Senior DevSecOps Engineer will lead the automation, security, deployment, and operational sustainment of the Holistic Health & Fitness Management System (H2FMS) in alignment with RMF, cATO, and Zero Trust principles, working closely with various technical teams to ensure stable and compliant software delivery.

AnalyticsConsultingInformation TechnologyLogisticsManagement ConsultingProfessional Services

Comp. & Benefits

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Design, implement, and maintain CI/CD pipelines supporting H2FMS application components (UI, data services, integrations)

Develop and maintain Infrastructure-as-Code (IaC) using Terraform, CloudFormation, or ARM/Bicep to automate environment provisioning

Implement automated security scanning for:

Static code analysis (SAST)

Dependency/OSS vulnerability scanning

Container image scanning

Infrastructure compliance checks

Enable automated test frameworks for functional, integration, and security validation

Support integration and secure deployment workflows for the vendor-provided H2F data capture application as it connects to H2FMS

Ensure DevSecOps pipelines support secure ingestion, transformation, and hosting of vendor data in Army GovCloud

Coordinate environment staging, secrets management, IAM integration, and endpoint configuration

Implement and maintain Zero Trust-aligned controls for identity, policy enforcement, and boundary protection

Integrate access management and secrets management tools (AWS IAM, Azure AD, HashiCorp Vault, etc.)

Ensure all deployment workflows adhere to RMF and continuous ATO (cATO) requirements

Containerize services and support orchestration (Kubernetes/EKS/AKS or equivalent)

Implement runtime security measures (Falco, Prisma, Aqua, or similar)

Develop automated scaling, rolling updates, and resiliency mechanisms

Configure observability tools (CloudWatch, Azure Monitor, ELK, Prometheus/Grafana, etc.) for logs, metrics, and traces

Implement proactive alerting and incident response pipelines

Support performance tuning, troubleshooting, and defect resolution across the H2FMS tech stack

Work closely with Cloud Architecture, Cybersecurity, Data Engineering, UI/UX, and Human Performance SMEs

Participate in Agile ceremonies including sprint planning, backlog refinement, and sprint reviews

Contribute to technical documentation and architectural decision records (ADRs)

Provide guidance and mentorship to mid-level engineers on DevSecOps best practices

Qualification

DevSecOpsCI/CD pipelinesInfrastructure-as-CodeContainerizationAutomated security scanningRMFZero TrustAWSAzureKubernetesTerraformAgile/ScrumMentorshipTechnical documentation

Required

Bachelor's degree in computer science, Engineering, Information Systems, Cybersecurity, or a related discipline

8+ years of hands-on DevSecOps experience supporting cloud-based applications in secure environments

Demonstrated experience with: CI/CD pipelines (GitLab CI, GitHub Actions, Jenkins, Azure DevOps, etc.), Infrastructure-as-Code (Terraform, CloudFormation, ARM/Bicep), Containerization (Docker) and orchestration (Kubernetes, EKS/AKS), Automated security scanning and secure software development practices

Strong understanding of RMF, cATO, Zero Trust, and DoD cybersecurity controls

Experience deploying production workloads in AWS, Azure, or DoD cloud environments (cARMY, GovCloud, IL4/IL5 preferred)

Ability to obtain and maintain a DoD Secret clearance

Location: Remote

Travel: Ability to travel to Fort Eustis, VA or LMI HQ in Tysons, VA 1–2 times per quarter for planning, integration, and collaboration

Preferred

Experience supporting tactical or military human performance, training, or readiness systems

Certifications such as: AWS DevOps Engineer, Azure DevOps Engineer Expert, Kubernetes Administrator (CKA), Security+ or equivalent cybersecurity certifications

Experience with: Secrets management solutions, API gateway deployments, Log and event correlation for compliance, Automated compliance as code (OpenSCAP, OPA, Cloud Custodian)

Familiarity with Agile/Scrum environments and DevSecOps at scale