Computer World Services Corp. (CWS) is seeking a highly motivated and technically skilled DevSecOps Engineer responsible for the analysis, design, implementation, automation, security, testing, deployment, and lifecycle management of enterprise applications and supporting infrastructure within the NIEHS environment.
The DevSecOps Engineer combines business systems analysis expertise with modern software engineering, infrastructure automation, cybersecurity, and platform operations capabilities to support secure, scalable, and highly available enterprise applications. This position serves as a key contributor in integrating development, security, and operations practices throughout the Software Development Lifecycle (SDLC), ensuring compliance with Federal security requirements and supporting enterprise modernization initiatives.
The DevSecOps Engineer works closely with software developers, database administrators, systems engineers, cybersecurity personnel, project managers, and business stakeholders to deliver secure, reliable, and automated application solutions supporting NIEHS mission requirements.
Key Tasks & Responsibilities
- Jenkins
- GitLab CI/CD
- GitHub Actions
- OpenText Fortify (SAST)
- Dynamic Application Security Testing (DAST)
- Software Composition Analysis (SCA)
- Secrets Management and Scanning Tools
- FISMA
- NIST 800-53
- NIST Secure Software Development Framework (SSDF)
- NIH and HHS security policies
- Zero Trust Architecture principles
Engineering and CI/CD Automation
• Design, implement, maintain, and optimize enterprise CI/CD pipelines supporting software development and deployment activities.
• Develop automated workflows for code integration, testing, security validation, packaging, release management, and deployment.
• Administer and support CI/CD platforms including:
• Support source code management platforms and branching strategies.
• Implement deployment automation across development, integration, testing, staging, and production environments.
• Monitor pipeline performance and continuously improve delivery efficiency and reliability.
• Migrate software builds through development, testing, integration, and production environments.
• Monitor deployment activities and remediate deployment failures within established service level agreements.
Infrastructure as Code and Automation
• Develop and maintain Infrastructure as Code (IaC) solutions using Terraform.
• Implement automated configuration management using Ansible.
• Develop reusable infrastructure modules, templates, and automation frameworks.
• Automate operational, administrative, and deployment processes.
• Support environment standardization and infrastructure modernization initiatives.
• Implement automated provisioning and configuration management capabilities across enterprise environments.
Container Platform Engineering
• Support containerized application deployments using Docker and Kubernetes platforms.
• Administer Rancher-managed Kubernetes environments.
• Manage container image lifecycle processes and private container registries.
• Implement container security best practices and vulnerability remediation procedures.
• Support runtime security monitoring and compliance initiatives.
• Assist application teams with container adoption, deployment patterns, and troubleshooting.
Application Security and Integration
• Integrate security controls and automated testing throughout the Software Development Lifecycle.
• Configure and maintain application security tools including:
• Review vulnerability findings and collaborate with development teams to remediate issues.
• Implement automated security gates and quality control processes.
• Support secure software development initiatives aligned with Federal security requirements.
• Promote DevSecOps best practices across development and operations teams.
Vulnerability Management and Compliance
• Support vulnerability management activities using Tenable and related security platforms.
• Conduct vulnerability assessments, remediation tracking, and risk analysis.
• Develop mitigation strategies when vulnerabilities cannot be remediated within required service levels.
• Coordinate mitigation approvals with Information System Security Officers (ISSOs).
• Implement approved mitigation plans following established change management procedures.
• Maintain compliance with:
• Support audit readiness and compliance reporting activities.
Required Technical Skills
CI/CD and Automation
• Jenkins
• GitLab CI/CD
• GitHub Actions
• Git-based Source Control
• Release Management
Infrastructure Automation
• Terraform
• Ansible
• Infrastructure as Code (IaC)
• Configuration Management
Container Technologies
• Docker
• Kubernetes
• Rancher
Security
• OpenText Fortify
• SAST
• DAST
• Software Composition Analysis (SCA)
• Secrets Management
• Tenable Vulnerability Management
Programming and Scripting
• Python
• JavaScript / TypeScript
• Java
• C#
• PHP
• REST APIs
Enterprise Platforms
• Windows Server
• Red Hat Enterprise Linux (RHEL)
• Microsoft SQL Server
• Oracle DatabaseEducation & Experience
- Bachelor’s degree in Computer Science, Information Systems, Engineering, or related field (or equivalent experience)
- Three (3) to seven (7) years of experience in DevOps, DevSecOps, Systems Engineering, Platform Engineering, Infrastructure Automation, or a related technical discipline.
- Experience building or supporting CI/CD pipelines in enterprise environments.
- Experience working with Git-based source control systems.
- Experience supporting Windows and Linux environments.
- Experience developing automation scripts and tools.
Education
Experience
Certifications
- Security+
- Terraform Associate
- Certified Kubernetes Application Developer (CKAD)
- Certified Kubernetes Administrator (CKA)
- GitLab CI/CD Certification
- Azure Fundamentals or equivalent cloud certification
- Certified DevSecOps Professional
- ITIL Foundation
Security Clearance
- Applicants must be able to obtain a Public Trust clearance
Computer World Services is an affirmative action and equal employment opportunity employer. Current employees and/or qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, disability, protected veteran status, genetic information or any other characteristic protected by local, state, or federal laws, rules, or regulations.
Computer World Services is committed to the full inclusion of all qualified individuals. As part of this commitment, Computer World Services will ensure that individuals with disabilities (IWD) are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Human Resources at [email protected].
Skills Required
- Bachelor's degree in Computer Science, Information Systems, Engineering, or related field (or equivalent experience)
- Three (3) to seven (7) years of experience in DevOps/DevSecOps/Systems or Platform Engineering
- Experience building or supporting CI/CD pipelines (Jenkins, GitLab CI/CD, GitHub Actions)
- Experience with Git-based source control and branching strategies
- Terraform (Infrastructure as Code) experience
- Ansible or automated configuration management experience
- Container expertise: Docker and Kubernetes; experience with Rancher-managed Kubernetes
- Application security tooling experience (OpenText Fortify or SAST, DAST, SCA, secrets scanning)
- Vulnerability management experience (Tenable) and remediation coordination
- Programming/scripting: Python and familiarity with JavaScript/TypeScript, Java, C#, or PHP
- Experience supporting Windows Server and Red Hat Enterprise Linux environments
- Experience with enterprise databases (Microsoft SQL Server, Oracle Database)
- Ability to obtain a Public Trust clearance
- Security+, Terraform Associate, CKA/CKAD, GitLab or cloud fundamentals (listed certifications)
- Knowledge of federal compliance frameworks (FISMA, NIST 800-53, NIST SSDF) and Zero Trust principles
What We Do
Computer World Services Corp. (CWS) is a provider of enterprise-wide IT solutions, digital transformation, and process optimization services. With over 30 years of experience, the company serves both Defense and Civilian federal government customers, focusing on delivering quality, value, and technological innovation. They are recognized for their consistent performance and high ratings in federal programs, maintaining a commitment to integrity and excellence in their service delivery.
