DevSecOps Engineer – Intelligent Platforms & Agents

Position Overview

At Leidos, we are advancing mission-critical platforms that simulate, interact with, and act on complex technical and business environments. These platforms enable teams to engage with network operations, automate business processes, and gain insight through intent-driven and agent-based systems.

The team operates with a strong belief in "everything as code," using version-controlled artifacts and automation to manage not only infrastructure and software, but also deployment pipelines, security controls, compliance artifacts, and operational workflows.

The DevSecOps Engineer is a hands-on practitioner responsible for building, automating, and sustaining the delivery infrastructure that enables mission-critical software to move fast without compromising compliance. You will actively build and maintain CI/CD pipelines, harden and manage Kubernetes environments, automate security compliance, and leverage AI as a force multiplier across the entire delivery lifecycle. When team capacity demands it, you will contribute directly to feature development — bringing a security-first perspective to application code.

Primary Responsibilities

• Design, implement, and maintain automated CI/CD pipelines that carry code from development through security scanning, compliance validation, and deployment into Navy and DoD environments
• Build and maintain hardened Kubernetes environments aligned to DISA STIG requirements across cloud and restricted network deployment contexts
• Automate security artifact generation including SBOM production, CVE scanning, and continuous compliance validation
• Drive adoption of Infrastructure as Code, GitOps practices, and controls-as-code across the team
• Leverage AI tooling to accelerate pipeline development, vulnerability triage, compliance remediation, and operational documentation
• Partner closely with software engineers, systems engineers, and ISSEs to embed security and compliance requirements from the start of development
• Maintain and evolve deployment infrastructure across multiple secure environments, including cloud and air-gapped or intermittently connected contexts
• Support ATO processes through automated evidence generation, documentation as code, and direct collaboration with the security team
• Establish and promote standards for pipeline design, container security, secrets management, and deployment consistency
• Contribute to feature development when team capacity requires, applying security-first development practices to application code
• Maintain operational documentation including runbooks, deployment guides, and architecture diagrams as version-controlled artifacts

Required Skills and Experience

• Must have and maintain a Secret security clearance
• BS degree and 4+ years of professional DevSecOps or DevOps engineering experience, 8+ years of total relevant experience.
• Hands-on experience designing and maintaining CI/CD pipelines using GitLab CI; experience with additional pipeline tools a plus
• Experience with Kubernetes administration and hardening in DoD or compliance-driven environments — RKE2 or K3S experience strongly preferred
• Experience implementing DISA STIG compliance in containerized and Linux environments (RHEL or Rocky Linux)
• Proficiency with Infrastructure as Code tooling, particularly Terraform
• Experience with Helm chart authoring and Kubernetes deployment management
• Experience with automated security scanning, SBOM generation, and CVE triage and remediation
• Scripting proficiency in Python or Bash for pipeline and operational automation
• Demonstrated use of AI tooling to accelerate engineering workflows
• Background contributing to application feature development alongside infrastructure work
• Ability to operate independently and manage workload across competing priorities in a small, fast-moving team

Preferred Qualifications

• Experience operating in air-gapped or disconnected network environments
• Experience supporting ATO through automation, documentation, and technical leadership
• Active Security+ certification or equivalent IAT Level II certification
• Experience with secrets management tooling such as Vault, Sealed Secrets, or SOPS
• Familiarity with observability and monitoring tools such as Prometheus or Grafana
• Certified Kubernetes Administrator (CKA) or willingness to obtain upon onboarding
• Experience applying “as code” approaches beyond infrastructure (e.g., configuration-as-code, policy-as-code, workflows-as-code, documentation-as-code)

AppMod

SMIT

If you're looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We're not hiring followers. We're recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We're already at step 30 — and moving faster than anyone else dares.

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.