We are seeking a Platform Engineer to implement and maintain secure DevSecOps platform infrastructure supporting mission-critical government systems. This role combines DevOps practices with platform engineering to build automated secure and scalable cloud-native infrastructure. The ideal candidate will implement build deployment and monitoring standards while providing platform support to ensure our infrastructure meets DoD compliance and Risk Management Framework RMF requirements. This position works directly with the platform team and collaborates with development teams, security teams, and cloud operations. Must be a US citizen and an active TSSCI security clearance is required for this position. Sign-on bonus available.
Responsibilities include:
• DevSecOps Pipeline Development and Automation Implement and maintain automated and secure DevSecOps pipelines with integrated security controls throughout the software delivery lifecycle. Assist developers in building scanning and testing systems through automated pipeline integration and continuous integration/continuous deployment (CICD) processes. Develop DevSecOps tools and techniques to support comprehensive automated deployment workflows. Follow and implement best practices for DevSecOps actions and ensure adherence to established standards. Support continuous integration and continuous deployment (CICD) processes with integrated security controls.
• Infrastructure as Code and Cloud Management Automate deployment and maintenance of solutions across multiple Azure cloud instances using Terraform, ARM, Bicep, and other IaC tooling based on guidance from senior engineers and architects. Implement infrastructure consistency and repeatability through automated processes. Develop automated deployment solutions in accordance with guidelines set by Lead Architects and senior platform engineers. Collaborate with Cloud Ops/VDI Team to optimize cloud resource utilization, performance, and cost management through automated solutions. Ensure infrastructure deployments comply with security requirements and organizational standards through automated validation. Support development and automation of system failover, high availability, and application deployment/upgrade availability models.
• Security Integration and Compliance Incorporate security controls and automated security scans to conform to Risk Management Framework (RMF) security requirements. Work as part of an Agile development team to ensure that the organizations data network and IT infrastructure are safe and free from security threats. Integrate automated security scanning, vulnerability assessment, and compliance checking throughout deployment pipelines. Collaborate with CyberATO team on security control implementation and continuous compliance monitoring. Maintain familiarity with RMF/DIACAP accreditation processes and ensure pipeline compliance. Support cybersecurity documentation completion in accordance with DoD and USAF policy. Integrate security compliance into automated infrastructure provisioning and management.
• Container and Orchestration Security Management Implement containerization strategies using Docker and Azure Kubernetes Services (AKS) with integrated security controls. Support container security scanning, image vulnerability management, and secure container lifecycle processes. Configure and maintain container orchestration for security, scalability, and performance. Implement container security best practices and automated vulnerability remediation. Support development teams with secure containerization guidance and troubleshooting. Maintain cybersecurity performance and functions across infrastructure components.
• Monitoring, Reporting, and Observability Work with development teams to develop monitoring and reporting capabilities using Azure Monitor and other observability tools to allow developers, testers, and stakeholders to observe system availability and performance. Support establishment of security and performance baselines with automated alerting for compliance and operational health. Implement automated monitoring solutions for deployment pipeline health and security compliance.
• Platform Support and Collaboration Provide technical support for the platform, troubleshooting issues, and escalating complex problems as needed. Participate in an Agile development environment, collaborating with cross-functional teams to deliver secure platform capabilities. Work with senior platform engineers to understand technical requirements and implement effective solutions. Other duties as assigned.
Technical Experience & Qualifications:
Must be a US citizen. Education: Bachelors degree in Computer Science, Information Technology, Engineering, or related technical field. Experience: Minimum 3 years of professional experience in DevOps platform engineering or infrastructure automation. Security Clearance: Active TSSCI clearance required for this position. Cloud Platforms: Hands-on experience with Azure cloud services and architecture; AWS experience is a plus. Infrastructure as Code: Working proficiency with Terraform, ARM templates, Bicep, or similar IaC tools. CICD Pipelines: Experience implementing and maintaining automated CICD pipelines with security controls. Containerization: Practical experience with Docker and container orchestration platforms; Azure Kubernetes Services (AKS) exposure preferred. Security & Compliance: Understanding of DevSecOps practices, RMF, DIACAP processes, and DoD/USAF security requirements. Automation: Experience automating infrastructure deployment, configuration management, and operational processes. Scripting: Scripting proficiency in scripting languages (PowerShell, Python, Bash) for automation tasks. Version Control: Strong Git experience with understanding of branching strategies and workflows. Monitoring & Observability: Experience with Azure Monitor, Log Analytics, or similar monitoring platforms. Container Security: Knowledge of container security practices and vulnerability management. Agile Methodologies: Experience working in Agile development environments and collaborating with cross-functional teams. Problem-Solving: Ability to troubleshoot infrastructure and platform issues effectively.