As a DevSecOps Engineer, you will be responsible for designing, implementing, and maintaining secure, automated, and scalable DevSecOps solutions. You will work closely with development, security, and operations teams to integrate security best practices into the software development lifecycle while optimizing CI/CD pipelines, containerized deployments, and cloud infrastructure.
This position requires expertise in Kubernetes (RKE2/OpenShift), API security, Infrastructure as Code (IaC), secure containerization, and automated security compliance.
-
Automate and optimize secure service deployments in on-premise and cloud environments.
-
Design and implement GitOps workflows using GitLab CI/CD, ArgoCD, or FluxCD for secure and scalable deployments.
-
Develop and maintain Helm charts and Kubernetes manifests to standardize application deployments.
-
Implement security best practices within CI/CD pipelines to automate code scanning, vulnerability assessments, and security compliance.
-
Harden container images using FIPS-compliant security standards, leveraging UBI9-minimal and UBI9-micro base images.
-
Security & Compliance Integration
-
Apply zero-trust security principles to DevOps workflows, ensuring secure authentication, authorization, and encryption.
-
Automate security monitoring and implement runtime security enforcement within Kubernetes environments.
-
Conduct regular security assessments, audits, and penetration testing to identify and mitigate vulnerabilities.
-
Integrate and manage enterprise authentication solutions (e.g., LDAP, Keycloak, OAuth, SAML) for secure access control.
-
Implement role-based access control (RBAC) and security policies for Kubernetes and cloud infrastructure.
-
Deploy, manage, and secure Kubernetes (RKE2, OpenShift) clusters for on-premise and cloud workloads.
-
Optimize containerized environments for performance, scalability, and security using custom Kubernetes operators.
-
Implement and maintain observability and logging solutions using Grafana, Prometheus, ELK, or OpenTelemetry.
-
Configure network policies, service meshes, and ingress controllers to enforce security policies.
-
Collaborate with cloud security teams to implement hardened cloud infrastructure and security configurations.
-
Develop and maintain Infrastructure as Code (IaC) solutions using Terraform and Ansible for consistent and scalable infrastructure management.
-
Automate system patching, updates, and compliance policies across containerized and VM-based environments.
-
Maintain up-to-date documentation of security controls, designs, and operational configurations.
-
Work closely with development, security, and operations teams to integrate DevSecOps best practices into the software development lifecycle.
-
Provide technical guidance and training to teams on secure coding, DevSecOps workflows, and infrastructure security.
-
Participate in incident response and forensic analysis to identify and mitigate security threats.
,
5+ years of experience in DevOps, DevSecOps, or Site Reliability Engineering (SRE).-
3+ years of hands-on experience with Kubernetes (RKE2, OpenShift, or similar orchestration platforms).
-
Strong knowledge of secure containerization and container security tools (e.g., Falco, Aqua Security, Trivy, Clair).
-
Experience building and managing CI/CD pipelines (GitLab CI/CD preferred) with integrated security testing and compliance scanning.
-
Strong expertise in Infrastructure as Code (IaC) tools such as Terraform and Ansible.
-
Experience with secure authentication solutions (e.g., OAuth, SAML, Keycloak, LDAP) for enterprise integration.
-
Proficiency in Python, Bash, or Go for automation and scripting.
-
Familiarity with API security, zero-trust security models, and RBAC implementation in Kubernetes.
-
Strong experience with monitoring and logging solutions (Grafana, Prometheus, ELK, OpenTelemetry, etc.).
-
Experience working with on-premise and cloud-based security solutions.
,
Experience with Kubernetes Operators and developing Custom Resource Definitions (CRDs).-
Experience with Go programming for Kubernetes-related development.
-
Familiarity with Service Mesh (Istio, Linkerd) for network security and traffic control.
-
Experience with AWS, Azure, or GCP security best practices and compliance frameworks.
-
Knowledge of SCAP, STIGs, and compliance automation tools.
-
Experience in incident response, forensic analysis, and cybersecurity frameworks (NIST, CIS, etc.).
-
Proficiency in policy-as-code frameworks such as Open Policy Agent (OPA).
,
Trevity is a Minority-Service-Disabled Veteran-Owned small business built on talent, teamwork, and trust. We are headquartered in the VA/MD/DC metropolitan area providing expertise in science and analytical services to the US Government.
Our promise to both customer and employee is to achieve a positive working relationship by establishing trust while committing to growing as a team. To achieve our vision of staying at the forefront of an ever-evolving environment, we will stay devoted to ensuring Trevity’s workforce has the proper training, tools, and skills needed to support the customer.
