Platform Security Engineer jobs in United States
cer-icon
Apply on Employer Site
company-logo

Modern Technology Solutions, Inc. (MTSI) · 3 hours ago

Platform Security Engineer

positionUnited States
timeFull-time
remoteRemote
senioritySenior Level
date5+ years exp

Modern Technology Solutions, Inc. (MTSI) is seeking a Platform Security & DevSecOps Engineer to support their infrastructure Information Technology team. The role involves embedding security and compliance into the Development Platform and Software Development Lifecycle (SDLC), ensuring that engineering teams can deliver high-quality, compliant solutions efficiently.

Information Technology
check
Growth OpportunitiesbadNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Partner with the Platform Architect and DevSecOps Engineers to design and maintain a secure Development Platform and SDLC for developing AI/ML, M&S, and other software solutions
Define, implement, and maintain security controls within CI/CD pipelines, including SAST, DAST, SCA, container image scanning, secrets detection, and policy gates
Develop and maintain compliance-as-code and policy-as-code libraries that encode NIST, FIA, RMF, CMMC, IMSA, SSDF, and customer requirements directly into SDLC tooling and CI/CD pipelines
Work with DevSecOps Engineers to embed these policies into reusable pipeline templates so engineering teams automatically inherit security guardrails when they build and deploy solutions
Design and implement mechanisms to produce automated, machine-readable evidence bundles with every pipeline run, supporting audits and ATO/cATO packages with minimal manual effort
Configure and harden security-relevant tooling within the Development Platform, including GitLab, artifact repositories, code quality tools, container registries, remote development environments, and secrets management solutions
Conduct security design reviews, threat modeling, and risk assessments for platform changes and key workloads, and document recommended mitigations
Collaborate with Cybersecurity SMEs to map technical controls to formal security requirements, validate their effectiveness, and support accreditation activities
Monitor and improve the security posture of the Development Platform, including vulnerability management, configuration baselines, security patching, and secure defaults for new projects
Provide guidance and training to engineering teams on secure coding, secure use of CI/CD, secrets management, and platform security best practices
Assist with the secure integration and governance of AI-assisted development tools and workflows, ensuring they operate within approved guardrails and data protection requirements

Qualification

DevSecOpsApplication SecurityCloud SecurityCI/CD PipelinesPolicy-as-CodeCompliance-as-CodeSecurity Scanning ToolsInfrastructure as CodeKubernetes SecurityMicrosoft AzurePythonGoCollaborationCommunication

Required

Bachelor's degree in Cybersecurity, Computer Science, Computer Engineering, or related field with 5 years experience
Must have an Active DoD Secret clearance with the ability to obtain and maintain a Top Secret clearance; US citizenship required
5+ years of combined professional experience in DevSecOps, Application Security, Cloud Security, Platform Engineering, or related roles
Hands-on experience securing modern DevSecOps toolchains and CI/CD pipelines, preferably with GitLab and GitLab CI
Strong understanding of secure SDLC practices and how to embed them into automated workflows and tooling used by engineering teams
Experience implementing and tuning security scanning tools such as SAST, DAST, SCA, container image scanning, and secrets detection
Experience developing or maintaining policy-as-code and compliance-as-code solutions that drive pipeline behavior and guardrails for product teams (for example, using OPA, Kyverno, or similar approaches)
Experience with automation standards and tooling such as OSCAL (or similar) to express controls and evidence in machine-readable form and integrate them into CI/CD and SDLC workflows
Hands-on experience with containerization and Kubernetes security, including RBAC, network policies, secrets management, image provenance, and use of trusted registries
Experience with Infrastructure as Code tools such as Terraform, Ansible, or similar, and securing IaC patterns for cloud and on-premises environments
Practical experience with Microsoft Azure cloud services (Azure Government preferred), including identity, network security, storage, and workload protection
Experience with security and compliance frameworks such as NIST, RMF, FIA, CMMC, IMSA, and SSDF, and how they map to technical controls in the SDLC
Proficiency in at least one programming or scripting language such as Python, Go, or a similar language used to build security automation and integrations
Demonstrated ability to collaborate with software, cloud, and cybersecurity teams and to clearly explain security risks and tradeoffs to technical and non-technical stakeholders

Company

Modern Technology Solutions, Inc. (MTSI)

twittertwittertwitter
company-logo
Modern Technology Solutions, Inc.
dateFounded in 1993
location
Alexandria, Virginia, USA
people-size1001-5000 employees
web-link
http://www.mtsi-va.com/

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Kevin Robinson
President and CEO
linkedin

Recent News

Washington Technology
Who won GovCon's Awards for 2025?
2025-11-08
Google Patent
Rapid aerial extraction systems
2025-04-04
Google Patent
Satellite refueling
2025-04-04
Company data provided by crunchbase