Principal DevSecOps Engineer (CI/CD & OpenShift) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Tekskills Inc. · 5 days ago

Principal DevSecOps Engineer (CI/CD & OpenShift)

positionCharlotte, NC
timeContract
remoteOnsite
seniorityLead/Staff
date10+ years exp

Tekskills Inc. is seeking a Principal DevSecOps Engineer to lead the architecture, implementation, and optimization of CI/CD platforms and OpenShift-based container application delivery. The role involves defining strategies for secure software supply chains, automating processes, and partnering with various teams to ensure reliable and compliant releases at scale.

ConsultingInformation TechnologyIT InfrastructureRecruiting
check
Growth Opportunities
check
H1B Sponsor Likelynote
Hiring Manager
Sneha sri
linkedin

Responsibilities

Own the end-to-end CI/CD architecture(e.g., GitHub Actions / Azure DevOps / Jenkins / GitLab CI) and OpenShift (OCP)platform setup across multiple environments (Dev → Prod)
Design and implement GitOps workflows (e.g., Argo CD/Flux) for declarative, auditable, and automated environment management
Define multi-tenant OCP standards: projects/namespaces, RBAC, network policies, resource quotas/limits, SCCs/PSa, and cluster add-ons (ingress, service mesh, operators)
Embed SAST/DAST/SCA/Secrets scanning into pipelines; enforce policy gates with tools like SonarQube, OWASP ZAP, Trivy/Grype, Anchore, Snyk, or Aqua
Establish and automate SBOM, image signing (cosign/Notary), provenance/attestations (SLSA), and supply chain risk controls
Harden OCP clusters and pipelines (image policies, admission controllers, network policies, security contexts, TLS, secrets mgmt) per CIS, NIST, and organizational standards
Standardize pipeline templates (reusable, parameterized) for microservices and data/ML workloads; optimize build caching, parallelization, and artifact/versioning strategies
Implement progressive delivery(blue/green, canary) and rollout safeguards with Argo Rollouts or service mesh
Manage artifact repositories/registries (Nexus/Artifactory/Harbor, Quay/OCP Image Registry)
Instrument end-to-end observability(logs/metrics/traces) across CI/CD and OCP using tools like Prometheus, Grafana, Loki, ELK/Elastic, and OpenTelemetry
Improve pipeline and deployment MTTR, reduce change failure rate, and increase deployment frequency
Build capacity & cost visibility for OCP (cluster autoscaling, right-sizing, quota policies, node pools/infra nodes, FinOps guardrails)
Define governance for branching, release versioning, environment promotions, access control, and compliance evidence
Lead inner-source enablement (documentation, starter repos, golden paths, developer portals/Backstage)
Mentor engineers; lead root cause analysis for platform and release incidents

Qualification

CI/CD expertiseOpenShift expertiseSecurity practicesInfrastructure as CodeProgramming/ScriptingObservability toolsCloud experienceGovernanceRoot cause analysisMentoringDocumentation

Required

10+ years in DevOps/Platform/SRE/Build & Release; 3+ years in a principal/lead capacity
Deep expertise in CI/CD: Git-based workflows; one or more platforms (GitHub Actions, Azure DevOps, Jenkins, GitLab CI). Strong with YAML pipelines, runners/agents, caching, artifact mgmt
Expertise in OpenShift (OCP): cluster administration, Operators, Routes/Ingress, SCC/PSa, Quay/registry, Service Mesh (optional), and OCP GitOps (Argo CD). Kubernetes fundamentals required
Security: Hands-on with SAST/DAST/SCA, container scanning, SBOMs (CycloneDX/SPDX), image signing (cosign), secrets management (Vault/External Secrets), policy as code (OPA/Gatekeeper/Kyverno)
Infrastructure as Code: Terraform/ArgoCD Helm/Kustomize; strong GitOps principles
Programming/Scripting: Proficiency in Bash and one of Python/Go/TypeScript for tooling and automation
Observability: Prometheus/Grafana, ELK/Elastic/Loki, OpenTelemetry; pipeline telemetry/SLIs
Cloud: Experience with at least one major cloud (AWS/Azure/GCP) integrating managed services with OCP (e.g., ROSA/ARO) or IPI/UPI installations

Preferred

Certifications: Red Hat OpenShift (e.g., EX280/EX288), CKA/CKAD/CKS, Azure/AWS/GCP, Security+ or equivalent
Supply Chain Security: Familiarity with SLSA, NIST SSDF, CIS benchmarks, and compliance regimes (SOC 2, PCI, HIPAA)
Progressive Delivery: Argo Rollouts, service mesh traffic shifting (Istio/OSSM/Kourier)
Data/ML pipelines experience (if relevant), GPU workloads on OCP
Experience in regulated industries (financial services, healthcare, public sector)

Company

Tekskills Inc.

twittertwittertwitter
company-logo
Founded in 2003 to solve mission-critical development and maintenance problems, Tekskills Inc.
dateFounded in 2003
location
Princeton, New Jersey, USA
people-size501-1000 employees
web-link
http://www.tekskillsinc.com

H1B Sponsorship

Tekskills Inc. has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (26)
2024 (31)
2023 (32)
2022 (27)
2021 (31)
2020 (49)

Funding

Current Stage
Late Stage
Company data provided by crunchbase