GXM is seeking a DevSecOps Engineer to support our work with Platform One and the USAF. Our team is dedicated to solving critical problems through rapid innovation and effective implementation, providing secure and scalable solutions for our clients in highly sensitive environments. Join us if you are passionate about cutting-edge technologies, enhancing security posture, and driving efficiency in cloud-native and containerized environments.
GXM offers a comprehensive benefits package, including medical, dental, and vision insurance, employer-paid life insurance, short-term and long-term disability, a 401(k) plan with employer matching, a Flexible Spending Account, employer-paid parking, a flexible Paid Time Off policy, and 11 Federal holidays.
- Design, develop, and maintain CI/CD pipelines for a range of applications in compliance with USAF Platform One standards.
- Implement DevSecOps best practices, ensuring secure code, infrastructure, and environments through continuous integration, testing, and deployment.
- Utilize and integrate automation tools to enhance scalability, reduce manual interventions, and streamline processes.
- Develop Infrastructure-as-Code (IaC) and Configuration-as-Code (CaC) scripts using tools such as Terraform, Ansible, and Packer.
- Implement and manage containerized applications using Kubernetes, Docker, and Helm, including experience in hardening these environments.
- Conduct automated security testing and vulnerability scanning to ensure compliance with DoD and USAF security standards.
- Maintain and document security operations and maintenance activities, ensuring all configurations and procedures are up to date.
- Support the integration of secure software delivery pipelines, including development in air-gapped and controlled environments.
- Provide continuous monitoring and implement security measures across live environments, leveraging tools like Istio, Jenkins, GitLab, and other Platform One approved technologies.
- Must be a U.S. Citizen and currently residing in the United States.
- Must possess or be able to obtain a U.S. Government Secret or higher security clearance.
- If you hold a clearance will be verified during the interview
- One of the following certifications are required - CCNA Security, CySA+, GICSP, GSEC, Security+ CE, CND or SSCP.
- Bachelor's Degree in Computer Science, Engineering, or a related field, or 10 years of relevant experience in lieu of a degree.
- Minimum of 3 years of professional experience in a DevSecOps role, preferably supporting DoD or government agencies.
- Strong understanding of cloud-native architectures, microservices, and container orchestration platforms (Kubernetes, Docker, etc.).
- Experience with AWS, Azure, or Google Cloud Platform, and familiarity with auto-scaled cloud-based systems and serverless architectures.
- Experience in developing and maintaining CI/CD pipelines using Jenkins, GitLab, or similar tools.
- Proficiency in Infrastructure-as-Code (IaC) and Configuration-as-Code (CaC) using tools like Terraform, Ansible, and Packer.
- Advanced scripting skills in Bash, Python, or similar languages.
- Strong understanding of agile and DevSecOps methodologies and experience working in agile teams.
- Experience with security frameworks such as NIST RMF 800-53, and tools such as XACTA, EMASS.
- Familiarity with Platform One DevSecOps services, tools, and processes is highly preferred.
Desired Qualifications:
- Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP).
- Experience with DoD or government standards and policies.
- Close proximity to a military installation.
- Experience with MacOS and/or Linux and related toolsets.
- Ability to work independently and collaboratively within a cross-functional team.
GXM reserves the right to forward all materials submitted with applications to third parties that may be involved in the evaluation process.
An employee’s compensation and benefits are personal information. GXM will not discharge, or in any other manner, discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. 41 CFR § 60-1.35
GXM is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or military status.