DevSecOps Engineer

Position: DevSecOps Engineer

Location: Remote / Alexandria, VA

Clearance: Preferred US Gov Secret or above clearance (not a hard requirement)

Whitespace is dedicated to delivering innovative technological solutions that meet the highest standards of security and compliance. We are seeking a highly experienced Senior DevSecOps Engineer to join our team and play a key role in strengthening our cybersecurity posture and supporting federal compliance requirements.

We are seeking a DevSecOps Engineer with deep expertise in DoD DevSecOps Reference Architecture, secure CI/CD implementation, and Defense cloud environments (AWS GovCloud, Azure Government, DoD Cloud or Air gapped environments). The ideal candidate combines hands-on engineering capability with a strong understanding of DoD cybersecurity requirements, RMF compliance, and infrastructure automation.

The Senior DevSecOps Engineer will lead efforts to integrate security practices into our development and operations processes, with a primary focus on assisting the company in obtaining and maintaining a DoD/DoW Authorization to Operate (ATO). If you're passionate about making a difference in the world and being part of groundbreaking technology in national security, this position is for you!

This position is 100% remote! We're looking for a candidate who is a U.S. citizen and resides in the contiguous United States. You'll be a W-2 employee of GeoDelphi, Inc., and we do not accept third-party applications. This role requires less than 10% travel.

Position: DevSecOps Engineer Location: Remote / Alexandria, VA Clearance: Preferred US Gov Secret or above clearance (not a hard requirement) Whitespace is dedicated to delivering innovative technological solutions that meet the highest standards of se...

1. Secure CI/CD and Cloud Infrastructure

• Design, implement, and maintain secure CI/CD pipelines aligned with DoD Enterprise DevSecOps Reference Design (DSOP).
• Automate deployment of secure environments using Terraform, Ansible, or CloudFormation for DoD or FedRAMP-compliant systems.
• Integrate static code analysis (SAST), dynamic testing (DAST), container scanning and various security toolsets within pipelines to enforce continuous compliance.

2. Security Baselines & Compliance Integration

• Implement and manage DoD STIGs, DISA baselines, and RMF controls in Infrastructure as Code (IaC).
• Translate DoD security controls into automated enforcement and validation within development pipelines.
• Develop scripts and tools for compliance validation (e.g., OpenSCAP, Chef InSpec, PowerSTIG).
• Help co-develop & maintain technical documentation for RMF authorization and continuous monitoring processes.

3. Automation & Toolchain Management

• Implement and manage DevSecOps tools such as GitLab, Jenkins, ArgoCD, Harbor, Nexus, SonarQube, Anchore, etc.
• Automate container security and orchestrate deployments using Kubernetes (Big Bang, Iron Bank images or similar.
• Manage secret storage, credential rotation, and logging using Vault, DoD-approved KMS, or AWS Secrets Manager.

4. Collaboration and Governance

• Work closely with security, development, and operations teams to ensure alignment with DoD RMF, NIST SP 800-53, and/or FedRAMP.
• Collaborate with Information System Security Officers (ISSOs), Information Systems Security Managers (ISSMs) and Security Control Assessors for ATO package development.
• Serve as an internal primary subject matter expert in federal compliance standards and cybersecurity practices.

EXPERIENCE

• Bachelor’s degree in Computer Science or related field (or equivalent experience).
• 7+ years of hands-on experience with DevSecOps in AI/ML or data-intensive systems.
• Familiarity with OpenShift or Kubernetes security hardening.
• Knowledge of Zero Trust Architecture (ZTA) concepts.
• Proven experience managing and driving successful ATO processes.
• Expertise with DevSecOps tools, practices, and frameworks.
• Strong understanding of federal security compliance standards (e.g., NIST 800-53, RMF, FedRAMP).
• Hands-on experience with cloud environments (AWS, Azure, or GCP) and containerization (Docker, Kubernetes).
• Strong scripting and automation skills (Python, Bash, or similar).
• Excellent leadership, communication, and documentation abilities.
• Active security clearance or eligibility to obtain one.

DESIRED SKILLS

• Previous experience directly supporting government contracting or federal agencies.
• Relevant certifications such as: Certified Kubernetes Administrator (CKA), AWS Certified Security or DevOps Engineer, HashiCorp Certified Terraform Associate

Position: DevSecOps Engineer

Location: Remote / Alexandria, VA

Clearance: Preferred US Gov Secret or above clearance (not a hard requirement)

Whitespace is dedicated to delivering innovative technological solutions that meet the highest standards of security and compliance. We are seeking a highly experienced Senior DevSecOps Engineer to join our team and play a key role in strengthening our cybersecurity posture and supporting federal compliance requirements.

We are seeking a DevSecOps Engineer with deep expertise in DoD DevSecOps Reference Architecture, secure CI/CD implementation, and Defense cloud environments (AWS GovCloud, Azure Government, DoD Cloud or Air gapped environments). The ideal candidate combines hands-on engineering capability with a strong understanding of DoD cybersecurity requirements, RMF compliance, and infrastructure automation.

The Senior DevSecOps Engineer will lead efforts to integrate security practices into our development and operations processes, with a primary focus on assisting the company in obtaining and maintaining a DoD/DoW Authorization to Operate (ATO). If you're passionate about making a difference in the world and being part of groundbreaking technology in national security, this position is for you!

This position is 100% remote! We're looking for a candidate who is a U.S. citizen and resides in the contiguous United States. You'll be a W-2 employee of GeoDelphi, Inc., and we do not accept third-party applications. This role requires less than 10% travel.

Position: DevSecOps Engineer Location: Remote / Alexandria, VA Clearance: Preferred US Gov Secret or above clearance (not a hard requirement) Whitespace is dedicated to delivering innovative technological solutions that meet the highest standards of se...

1. Secure CI/CD and Cloud Infrastructure

• Design, implement, and maintain secure CI/CD pipelines aligned with DoD Enterprise DevSecOps Reference Design (DSOP).
• Automate deployment of secure environments using Terraform, Ansible, or CloudFormation for DoD or FedRAMP-compliant systems.
• Integrate static code analysis (SAST), dynamic testing (DAST), container scanning and various security toolsets within pipelines to enforce continuous compliance.

2. Security Baselines & Compliance Integration

• Implement and manage DoD STIGs, DISA baselines, and RMF controls in Infrastructure as Code (IaC).
• Translate DoD security controls into automated enforcement and validation within development pipelines.
• Develop scripts and tools for compliance validation (e.g., OpenSCAP, Chef InSpec, PowerSTIG).
• Help co-develop & maintain technical documentation for RMF authorization and continuous monitoring processes.

3. Automation & Toolchain Management

• Implement and manage DevSecOps tools such as GitLab, Jenkins, ArgoCD, Harbor, Nexus, SonarQube, Anchore, etc.
• Automate container security and orchestrate deployments using Kubernetes (Big Bang, Iron Bank images or similar.
• Manage secret storage, credential rotation, and logging using Vault, DoD-approved KMS, or AWS Secrets Manager.

4. Collaboration and Governance

• Work closely with security, development, and operations teams to ensure alignment with DoD RMF, NIST SP 800-53, and/or FedRAMP.
• Collaborate with Information System Security Officers (ISSOs), Information Systems Security Managers (ISSMs) and Security Control Assessors for ATO package development.
• Serve as an internal primary subject matter expert in federal compliance standards and cybersecurity practices.

EXPERIENCE

• Bachelor’s degree in Computer Science or related field (or equivalent experience).
• 7+ years of hands-on experience with DevSecOps in AI/ML or data-intensive systems.
• Familiarity with OpenShift or Kubernetes security hardening.
• Knowledge of Zero Trust Architecture (ZTA) concepts.
• Proven experience managing and driving successful ATO processes.
• Expertise with DevSecOps tools, practices, and frameworks.
• Strong understanding of federal security compliance standards (e.g., NIST 800-53, RMF, FedRAMP).
• Hands-on experience with cloud environments (AWS, Azure, or GCP) and containerization (Docker, Kubernetes).
• Strong scripting and automation skills (Python, Bash, or similar).
• Excellent leadership, communication, and documentation abilities.
• Active security clearance or eligibility to obtain one.

DESIRED SKILLS

• Previous experience directly supporting government contracting or federal agencies.
• Relevant certifications such as: Certified Kubernetes Administrator (CKA), AWS Certified Security or DevOps Engineer, HashiCorp Certified Terraform Associate