DevSecOps Engineer

Spektrum supports apex purchasers (NATO, UN, EU and National Government and Defence) and their Tier 1 supplier ecosystem with a wide range of specialist services. We provide our clients with professional services, specialised aerospace and defence sales, delivery, and operational subject matter expertise. We are looking for personnel to join our team and support key client projects.

Who we are supporting

Allied Command Transformation (ACT) is NATO’s leading agent for change: driving, facilitating, and advocating the continuous improvement of Alliance capabilities to maintain and enhance the military relevance and effectiveness of the Alliance. The main objectives of ACT are: providing appropriate support to NATO missions and operations; leading NATO military transformation; and improving relationships, interaction and practical cooperation with partners, nations and international organisations. ACT therefore leads Alliance concept development, capability development, training and lessons-learned initiatives and provides unfettered military support to policy development within NATO.

The program 

Capability Development & Management Support (CDMS)

 DCOS Capability Development (CAPDEV) acts as the Supreme Allied Commander Transformation's Director for guidance, direction and coordination of the activities and resources of the Capability Development Directorate.

The Requirements Division will execute all tasks and activities needed to support requirements management for NATO capabilities

The Capability Requirements (CR) Branch will develop the Capability Requirements Brief and recommended courses of action to resolve issues through the life cycle management of requirements using matrixed, cross-functional project-specific Requirements Management teams.

The Requirements Forward Branch (Mons) is responsible for conducting requirements development and management representation and engagement-related functions in Europe.

The Capability Division coordinates the development of capabilities from capability planning through acceptance and then disposal with management entities, NATO Headquarters staff and the NATO Governance Structure

The Capability Forward Branch (Mons) coordinates with ACO, NCIA, NSPA, NATO HQ, territorial Host Nations, and NATO Centres of Excellence (COEs) to support the development of capabilities.

Strategic Plans and Policy (SPP) supports Allied Command Transformation in formalizing military advice to shape future military strategy, political guidance, and other policy documents supporting NATO’s strategic objectives.

Role ID: ACT-CDMS-26-02-B-12

Role Duties and Responsibilities 

• Deploy and operate containerized services using orchestration frameworks to ensure scalability and resilience.
• Automate infrastructure through Infrastructure as Code (IaC) to provide consistent and repeatable environments.
• Deploy and monitor workloads in cloud environments (AWS, Azure, Google Cloud, VMware, OpenStack).
• Implement site reliability engineering (SRE) and observability practices to ensure resilience, monitoring, logging, metrics, and distributed tracing.
• Support high-throughput and service-oriented architectures, ensuring resilient and scalable deployments.
• Deliver incremental capabilities in Agile and DevSecOps environments following frameworks such as Scrum, SAFe, or Kanban.
• Design and manage secure networking and service meshes (TLS, Istio, Linkerd, API gateways) to ensure encrypted and reliable service-to-service communication.
• Apply zero-trust principles and compliance automation to enforce security policies and validate system compliance.
• Manage identity and access using secure methods for secrets, tokens, certificates, and least privilege access control.

 Essential Skills and Experience

• Minimum 4 years of experience with containerization and orchestration (Docker, Kubernetes, OpenShift).
• Minimum 4 years of experience in designing and maintaining CI/CD pipelines with automated testing and security validation.
• Experience with Infrastructure as Code (Terraform, Ansible, Helm, Pulumi).
• Experience deploying and securing workloads in hybrid/public cloud environments (AWS, Azure, Google Cloud, VMware, OpenStack).
• Experience implementing site reliability engineering and observability practices (Prometheus, Grafana, ELK/Loki, OpenTelemetry).
• Experience implementing scalable, resilient, high-throughput systems and service-oriented architecture.
• Experience delivering capabilities in Agile/DevSecOps environments (Scrum, SAFe, Kanban).
• Experience designing and managing secure networking and service mesh (TLS, Istio, Linkerd, API gateways).
• Experience applying zero-trust principles and compliance automation (OPA, Kyverno, SBOM, CIS benchmarks).
• Experience managing secrets and access policies using modern IAM solutions (Vault, AWS KMS, Azure Key Vault, RBAC/ABAC).

 Language Proficiency

• Advanced Proficiency in English

 Working Location

• Norfolk, VA, USA

Working Policy

• On-Site

Contract Duration

• May 2026 – December 2030

Security Clearance

• Valid National or NATO Secret personal security clearance