DevSecOps ENGINEER with Security Clearance

Auto Import

Apply Now

DEVSECOPS ENGINEER WITH SECURITY CLEARANCE

Apply Now

COUNTRY

United States

FORMAT

Remote

Svitla Systems Inc. is looking for a DevSecOps Engineer for a full-time remote position (40 hours per week) in the USA. Our client is a cloud-native cybersecurity company that helps organizations automatically and continuously minimize the attack surface of their cloud workloads.

You'll design, deploy, and maintain secure, cloud-native infrastructure supporting Department of War customers. You will work across container platforms, CI/CD pipelines, and government cloud environments to deliver hardened, compliant software systems at scale. This role sits at the intersection of platform engineering, security, and DevSecOps and requires a strong understanding of DoW policies, toolchains, and accreditation processes.

This position supports U.S. Department of War programs and may require a valid security clearance. A candidate must be a U.S. citizen. Applicants are subject to a background investigation in accordance with federal requirements.

Technical Environment:

  • Container Orchestration: Kubernetes (EKS, AKS, RKE2, OpenShift);
  • Package Management: Helm, Kustomize;
  • Policy & Mesh: Istio, OPA Gatekeeper, Kyverno, Calico;
  • CI/CD: GitLab CI/CD, GitHub Actions, Jenkins;
  • Cloud: AWS GovCloud (East/West), Azure Government
  • Registries: Iron Bank/registry-1, Harbor, Quay, AWS ECR;
  • Observability: Prometheus, Grafana, Datadog, Loki, OpenTelemetry
  • Security Scanning: Trivy, Grype, Anchore, RapidFort, Twistlock/Prisma;
  • IaC: Terraform, Ansible, Crossplane.
REQUIREMENTS
  • 4+ years of hands-on experience with Kubernetes in production environments.
  • Demonstrated experience deploying and managing applications via Helm in multi-environment configurations.
  • Working knowledge of Istio, OPA Gatekeeper, Kyverno, or equivalent Kubernetes policy and service mesh tooling.
  • Knowledge of at least one major CI/CD platform: GitLab CI, GitHub Actions, Jenkins, or equivalent.
  • Hands-on experience with AWS and/or Azure cloud platforms, including IAM, networking, storage, and managed Kubernetes services (EKS, AKS).
  • Understanding of container image workflows: building, scanning, hardening, and distributing images via OCI registries.
  • Understanding of monitoring and observability tools, including Prometheus, Grafana, and/or Datadog.
  • Experience with Single Sign-On (SSO) and identity federation; familiarity with Keycloak or equivalent OIDC/SAML providers.
  • Active DoW security clearance (secret or higher).
NICE TO HAVE
  • Familiarity with Iron Bank, registry-1, Platform One, or Big Bang-based software factory environments.
  • Familiarity with GitLab Ultimate features, including security dashboards and dependency scanning.
  • Experience supporting Air Force, Space Force, Navy, or other military branch programs.
  • Exposure to software supply chain security tooling: Sigstore/cosign, vulnerability scanners, SBOM generation, and compliance scanning tools.
  • Prior experience working with Cato, continuous authorization, or Ongoing Authorization environments.
  • CKA, CKS, AWS GovCloud certifications, or equivalent credentials
  • Experience with AWS GovCloud and/or Azure Government.
  • Understanding of DoD compliance frameworks: NIST 800-53, STIGs, RMF, FedRAMP.
RESPONSIBILITIES
  • Design and maintain Kubernetes-based infrastructure, including cluster provisioning, RBAC configuration, network policy, and workload management.
  • Package and deploy applications using Helm charts; maintain chart repositories and manage release lifecycle across environments.
  • Implement and enforce policy controls using Istio service mesh, OPA Gatekeeper, Kyverno, and related Kubernetes admission controllers.
  • Build and maintain CI/CD pipelines using GitLab CI, GitHub Actions, Jenkins, or equivalent tooling; integrate automated security scanning and compliance gates.
  • Deploy and operate workloads on AWS GovCloud and Azure Government; architect for high availability, disaster recovery, and cross-region compliance requirements.
  • Manage and harden container images; integrate with Iron Bank, Platform One, and other DoW-approved registry sources.
  • Configure and maintain observability stacks, including Prometheus, Grafana, and Datadog; develop alerting, dashboards, and SLO frameworks.
  • Participate in ATO processes, support STIG/CIS compliance scanning, and contribute to System Security Plans (SSPs) and documentation artifacts.
  • Collaborate with development, security, and program teams to establish a
Back to blog