Senior Artifact Scanning & Policy Engineer

Reposted 15 Days Ago
Be an Early Applicant
3 Locations
In-Office
Senior level
Artificial Intelligence • Cloud • Information Technology • Security • Software
The Role
The Senior Artifact Scanning & Policy Engineer ensures the integrity and compliance of AI artifacts in deployment pipelines, focusing on security, vulnerability assessments, and policy enforcement across multiple classified environments.
Summary Generated by Built In
Job Summary & Responsibilities

Everforth ECS is seeking a Senior Artifact Scanning & Policy Engineer to work in the National Capital Region covering the Pentagon, Falls Church, and Fairfax. Please Note: This position is contingent upon contract award.

The War Data Platform (WDP) is a key initiative within the U.S. Department of War's (DoW) AI-First strategy introduced in early 2026. The WDP focuses on operational warfighting data and aims to accelerate the deployment of artificial intelligence (AI) on the battlefield. The WDP extends to Unclassified, Secret, and Top Secret environments, and supports collaboration between Combatant Commands, Joint Staff directorates, Senior Executive Service leaders, and operational analysts.

This role implements scanning stages and policy-as-code enforcement for AI and machine-learning serving artifacts within WDP Core Integration deployment pipelines, maintaining enclave-parity scanning standards and supply-chain integrity across Unclassified, SIPR, and JWICS environments to protect mission-critical AI model deployments from vulnerability and configuration risk.

• Implements scanning stages and policy-as-code enforcement for artificial intelligence and machine-learning serving artifacts within unclassified War Data Platform (WDP) Core Integration deployment pipelines supporting Department of War missions, Joint Staff analysts, Combatant Command elements, and Senior Executive Service leadership.
• Develops scanning logic, rule sets, and enforcement patterns that validate artifact integrity, security posture, dependency provenance, and configuration compliance prior to deployment.
• Applies Kubernetes, GitLab Continuous Integration, SonarQube, Tenable Nessus, Elastic Stack, VMware environments, and hardened artifact repositories to execute vulnerability assessments, integration checks, and policy-driven gating actions.
• Conducts rule tuning, signature refinement, and policy updates to maintain alignment with evolving mission assurance requirements, cross-domain security architectures, and enterprise DevSecOps standards.
• Maintains higher-domain parity for scanning and policy enforcement across SIPR and JWICS enclaves by adapting rule sets, resolving enclave-specific constraints, and coordinating exception-handling workflows with multi-national engineering teams and cross-service mission partners.
• Produces mission-critical deliverables—including scanning policy documentation, policy-as-code modules, exception-handling records, vulnerability disposition reports, operational risk assessments, and deployment-readiness artifacts.
• Strengthens program value by advancing supply-chain integrity, reinforcing deployment consistency, and supporting continuous release operations across all enclaves.
• Supports Tier-4 incident-response actions by providing authoritative scanning evidence, policy-compliance documentation, and remediation guidance required for operational continuity and sustained mission performance.
• Performs other duties as assigned.

Preferred Qualifications

• Current Secret security clearance with the ability to obtain and maintain a Top Secret (TS) security clearance.
• CompTIA A+ certification.
• Minimum 10 years of experience implementing artifact scanning frameworks, policy‑as‑code enforcement, and DevSecOps pipeline security controls within classified or federal multi‑enclave environments.
• Demonstrated hands‑on experience with vulnerability‑scanning and pipeline‑security tools—including Kubernetes, GitLab CI, SonarQube, and Tenable Nessus—with a proven ability to develop rule sets, tune signatures, and enforce policy‑driven gating actions across AI/ML artifact deployment pipelines.
• Proven ability to maintain enclave‑parity scanning and policy enforcement across NIPRNet, SIPRNet, and JWICS, including experience adapting rule sets to resolve enclave‑specific constraints and managing exception‑handling workflows in collaboration with multi‑national engineering partners.
• Strong problem‑solving and decision‑making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
• Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end‑users to executive management).

Skills Required

  • Minimum 10 years of experience implementing artifact scanning frameworks and DevSecOps pipeline security controls
  • Current Secret security clearance with the ability to obtain and maintain a Top Secret security clearance
  • Hands-on experience with vulnerability-scanning and pipeline-security tools

ECS Compensation & Benefits Highlights

The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about ECS and has not been reviewed or approved by ECS.

  • Healthcare Strength ECS advertises multiple national-network medical plan options with HSA eligibility alongside dental and vision coverage. Coverage generally begins quickly and is paired with company-paid short- and long-term disability, adding stability to the health package.
  • Retirement Support A 401(k) with Safe Harbor and immediate vesting on employer contributions is emphasized, with an employer match available. Access to an employee stock purchase plan via the parent company provides an additional savings avenue.
  • Parental & Family Support Paid parental leave up to 30 days, adoption assistance, and other family-oriented leaves are highlighted. Feedback suggests these offerings add meaningful value beyond base pay for many roles.

ECS Insights

Am I A Good Fit?
beta
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company
HQ: Elkhorn, NE
2,129 Employees
Year Founded: 1993

What We Do

ECS, a segment of ASGN (NYSE: ASGN), delivers advanced solutions and services in cloud, cybersecurity, artificial intelligence (AI), machine learning (ML), application and IT modernization, and science and engineering. The company solves critical, complex challenges for customers across the U.S. public sector, defense, intelligence and commercial industries. ECS maintains partnerships with leading cloud, cybersecurity, and AI/ML providers and holds specialized certifications in their technologies. Headquartered in Fairfax, Virginia, ECS has more than 3,400 employees throughout the U.S. and has been recognized as a Top Workplace by The Washington Post for the last five years.

Similar Jobs

Hybrid
Richmond, VA, USA
205000 Employees

Wells Fargo Logo Wells Fargo

Relationship Banker - Norfolk area

Fintech • Financial Services
Hybrid
Norfolk, VA, USA
205000 Employees
Hybrid
McLean, VA, USA
205000 Employees
159K-305K Annually
Hybrid
Glen Allen, VA, USA
205000 Employees

Similar Companies Hiring

Golden Pet Brands Thumbnail
Digital Media • eCommerce • Information Technology • Marketing Tech • Pet • Retail • Social Media
El Segundo, California
178 Employees
Kepler  Thumbnail
Fintech • Software
New York, New York
6 Employees
Onshore Thumbnail
Artificial Intelligence • Fintech • Software • Financial Services
New York, New York
60 Employees

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account