Apply on Employer Site

MetroStar · 1 day ago

Sr. DevSecOps Engineer I (6095)

Reston, VA

Full-time

Onsite

Mid, Senior Level

$149K/yr - $177K/yr

4+ years exp

MetroStar is committed to building the best teams and delivering high-quality technology services. The Sr. DevSecOps Engineer I will design, implement, and maintain secure software development and deployment pipelines while collaborating with cross-functional teams to integrate security practices throughout the development lifecycle.

Artificial Intelligence (AI)Cloud Data ServicesCyber SecurityInformation TechnologyMachine LearningManagement ConsultingMobileSoftware

No H1B

Security Clearance Required

U.S. Citizen Only

Responsibilities

Collaborate with development, operations, and security teams, and with software engineers, to integrate security practices into the software development lifecycle, provide guidance on secure coding practices, and assist in remediation of security findings

Design, implement, and maintain CI/CD pipelines that incorporate automated security testing, vulnerability scanning, and compliance checks, and develop and maintain infrastructure as code (IaC) templates and configurations, ensuring security best practices are applied to cloud resources and infrastructure components

Perform regular security assessments, code reviews, and penetration testing to identify and address vulnerabilities and weaknesses in applications, code, and infrastructure, monitor and analyze system and application logs to detect and respond to security incidents, and participate in incident response activities to investigate and mitigate security incidents in a timely manner

Implement and manage identity and access management (IAM) solutions, ensuring appropriate authentication and authorization mechanisms are in place, and contribute to the development and maintenance of security policies, procedures, and documentation

Qualification

DevSecOps practicesCI/CD pipelinesInfrastructure as CodeSecurity assessmentActive TS/SCI with CI PolySecurity+ certificationContainerization technologiesScripting languagesSoft skills

Required

Active TS/SCI with CI Poly

Security+, or equivalent certification that satisfies DoD 8140/8570

4+ years of experience as a DevSecOps Engineer or similar role, with a focus on integrating security into the software development lifecycle

Expert experience with DevOps practices, CI/CD pipelines, and automation tools (e.g., Jenkins, GitLab CI/CD, Artifactory, SonarQube, Selenium, Fortify, Acunetix, and Prisma Cloud)

Strong experience with containerization and orchestration technologies (e.g., Docker and Kubernetes/OpenShift)

Strong experience with infrastructure-as-code (IaC) tools (e.g., Terraform, CloudFormation, or Ansible)

Strong experience in scripting languages for automation and tool integration (e.g., Python, Bash)

Knowledge of security best practices, common vulnerabilities, and exposure to security frameworks (e.g., OWASP, NIST)

Benefits

Health, dental, and vision insurance

401(k) retirement plan with company match

Paid time off (PTO) and holidays

Parental Leave and dependent care

Flexible work arrangements

Professional development opportunities

Employee assistance and wellness programs

Company

MetroStar

Glassdoor3.7

MetroStar is a leading provider of secure digital transformation and Artificial Intelligence (AI)-enabled solutions, specializing in delivering cutting-edge IT services to government agencies and defense organizations.

Founded in 1999

Reston, Virginia, USA

501-1000 employees