• Official Communication: All job offers and communication regarding them will arrive from email addresses ending in @innovateteam.com.
• Secure Information: We prioritize your data safety. We never request bank information via email or text. Instead, we follow a secure process through our dedicated payroll system.

DevSecOps Engineer

Embrace the opportunity to join Innovate! Inc. and become a valued member of our team. We are seeking a driven individual who is passionate about leveraging technology to tackle environmental challenges and drive positive change. If you thrive in a collaborative, fast-paced environment and are eager to contribute your skills and expertise to innovative projects, we invite you to explore this exciting opportunity further. Read on to learn more about how you can be part of our dynamic team.

We’re seeking a DevOps Engineer to build and run secure, scalable CI/CD pipelines and cloud platforms for enterprise applications. You’ll use Infrastructure as Code to provision and manage environments, automate deployments, and optimize performance and reliability across AWS/Azure (including government regions). In close partnership with developers, architects, and cybersecurity, you’ll embed security into the SDLC and ensure compliance with FedRAMP and agency requirements. If you enjoy shipping fast, safely, and at scale, this role is for you.

*US Citizenship Required*

Location: Candidate can work remotely

Salary range: $80000-$100000 annually

Position status: Full Time; with benefits

Benefits include: Medical, Dental, Vision, 401K with match, Life Insurance, and PTO

Key Responsibilities

• Design, build, and maintain secure, reliable CI/CD pipelines (e.g., Jenkins, GitLab CI, GitHub Actions, Azure DevOps) to enable frequent, low-risk releases.
• Implement and manage Infrastructure as Code (IaC) using Terraform/CloudFormation/ARM/Bicep; enforce version control, code reviews, and modular standards.
• Operate and harden enterprise cloud environments (AWS/Azure—including GovCloud/Government) with a focus on scalability, cost optimization, and high availability.
• Containerize and orchestrate applications (Docker, Kubernetes/EKS/AKS); manage Helm charts and GitOps workflows (Argo CD/Flux).
• Automate environment provisioning, configuration management, and drift remediation (Ansible/Puppet/Chef; SSM/Azure Automation).
• Embed security in the SDLC: integrate SAST/DAST/secret scanning, image scanning, SBOM generation, and policy-as-code (OPA/Conftest/Checkov).
• Implement and monitor SLIs/SLOs; build robust observability (CloudWatch/Azure Monitor, Prometheus/Grafana, ELK/EFK, Splunk) to reduce MTTR and improve uptime.
• Manage identity, access, and secrets (IAM/AAD, KMS/Key Vault, Vault); apply least privilege and zero-trust patterns.
• Ensure compliance with FedRAMP (NIST 800-53), and agency requirements (DOI, USDA); support ATO/SSP control implementation and evidence collection.
• Partner with developers, architects, and cybersecurity teams to streamline workflows, resolve deployment issues, and guide cloud-native patterns.
• Conduct performance tuning, capacity planning, and cost governance (FinOps) across environments.
• Build and test backup/restore, DR, and incident response runbooks; participate in on-call rotations and post-incident reviews.
• Maintain network/security baselines (VPC/VNet design, routing, load balancers, WAFs, security groups/NSGs) and enforce CIS/STIG benchmarks.
• Create clear documentation and internal enablement materials for platforms, pipelines, and standards.

Required Qualifications

• 4–7+ years in DevOps/SRE/Platform Engineering roles supporting enterprise cloud applications.
• Hands-on with IaC (Terraform or CloudFormation/ARM/Bicep) and Git-based workflows.
• Proven experience operating CI/CD pipelines and release automation for multi-env (dev/test/prod) deployments.
• Strong container/Kubernetes skills (workloads, networking, storage, Helm); Docker proficiency.
• Solid Linux administration and scripting (Python, Bash; PowerShell for Windows/Azure).
• Practical knowledge of FedRAMP/NIST 800-53 controls and secure SDLC practices.
• Experience with monitoring, logging, and tracing stacks; competency setting SLIs/SLOs and alerting.
• Cloud networking fundamentals (VPC/VNet, subnets, peering, VPN/ExpressRoute/Direct Connect, load balancers).
• Excellent collaboration and communication skills working across dev, security, and infrastructure teams.
• Eligibility to obtain a Public Trust (DOI/USDA) and work on U.S. federal projects.

Preferred Qualifications

• Prior support of FedRAMP-authorized systems and ATO packages (SSP, POA&M, control evidence).
• AWS/Azure certifications (e.g., Solutions Architect, DevOps Engineer); HashiCorp Terraform Associate; CKA/CKAD.
• Security certifications (Security+, CCSK, CISSP or equivalent exposure).
• Experience in GovCloud/Azure Government, boundary controls, and cross-domain patterns.
• Policy-as-code and compliance automation (OPA, Conftest, Checkov, Terraform Cloud/Enterprise Sentinel).
• Image/scanner and supply-chain tooling (Trivy, Anchore, Grype, Syft, Sigstore/Cosign).
• Secrets and key management at scale (Vault Enterprise, KMS/Key Vault, rotation policies).
• Service mesh and advanced Kubernetes ops (Istio/Linkerd, HPA/VPA, node autoscaling, disruption budgets).
• Data-plane/edge security (WAF, API gateways, mTLS) and zero-trust architecture patterns.
• Experience with cost optimization/FinOps dashboards and budget guardrails.

LEARN MORE ABOUT US

Innovate! Inc. is a certified woman-owned consulting firm founded in 2002 by Lily Thomas. We provide innovative solutions to management, technology, and program challenges, with a focus on performance, integrity, and building lasting partnerships with our clients. Our team of over 100 experts includes IT and geospatial specialists, program and project management consultants, environmental scientists, and communications and outreach strategists. Our clients include federal, state, tribal, and local governments, private industry, non-profit organizations, higher education institutions, and utilities. Recent awards we received for excellent service include the 2022 SAG Team Award and 2022 Esri Partner Conference High Potential Award.

Innovate is a fast-paced, rapidly growing group of entrepreneurs creating a culture of excellence. Rapid advancement within our organization is not only possible but also encouraged. To view our website, visit innovateteam.com.

Innovate is an equal opportunity employer and does not discriminate against any employee or applicant for employment based on race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law. If you have a disability and require reasonable accommodation to complete any part of the application process or cannot access or use this online application process and need an alternative method for applying, please contact us at [email protected].