Sr. DevSecOps Engineer III (6473)

As a Sr. DevSecOps Engineer III, you’ll play a critical role in designing, implementing, and maintaining secure and efficient software development and deployment pipelines. You will collaborate with cross-functional teams to integrate security practices seamlessly into the development and operations lifecycle, ensuring the delivery of high-quality, secure, and reliable software solutions.

We know that you can’t have great technology services without amazing people. At MetroStar, we are obsessed with our people and have led a two-decade legacy of building the best and brightest teams. Because we know our future relies on our deep understanding and relentless focus on our people, we live by our mission: A passion for our people. Value for our customers.

What you’ll do:

• Collaborate with customers and internal teams to design and implement automatic technical solutions across multiple classification environments, working independently or as part of the team to address complex technical requirements.
• Develop CI/CD pipelines from scratch in GitLab CI/CD and Jenkins with integrated security scanning and STIG compliance validation, providing expert guidance to development teams on pipeline troubleshooting and implementing DevSecOps best practices.
• Create and maintain Infrastructure as Code (IaC) templates primarily using CloudFormation to architect highly available, resilient, and secure DevSecOps tool infrastructure across AWS environments (GovCloud, C2S, TC2S) while ensuring STIG compliance and guiding junior engineers on IaC best practices.
• Lead advanced troubleshooting efforts by analyzing system and application logs using Linux command-line tools, conducting root cause analysis for complex issues, and developing mitigation strategies for service degradation.
• Provide expert security guidance to development teams on secure coding practices, STIG compliance, vulnerability remediation, and other best practices in support of their ATO efforts.
• Mentor junior engineers through code reviews, technical guidance, and knowledge sharing while maintaining technical documentation, promoting best practices, and fostering continuous team improvement.

What you’ll need to succeed:

• Active TS/SCI with CI Poly security clearance.
• Certification to meet DoD 8140/8570 (e.g., Security+, GSEC, SSCP, etc).
• 10+ years of experience as a DevSecOps Engineer or similar role, with a focus on infrastructure automation, scalability, and reliability across the software development lifecycle; additionally, experience delivering DevSecOps services across multiple classified domains.
• Strong experience with DevOps, CI/CD Pipelines, Containerization, and other automation tools (e.g., Jenkins, GitLab CI/CD, Docker, etc).
• Strong experience with Infrastructure-as-Code (IaC) tools (e.g., Terraform or CloudFormation, and/or Ansible).
• Strong experience with scripting languages (e.g., Python, Bash), in a Linux environment (e.g., RHEL, Oracle Linux, or similar).
• Understanding of AWS capabilities (e.g., EC2, S3, IAM, RDS, etc) and architecting secure cloud-based infrastructure and services (Azure/GCP is a plus).

SALARY RANGE: $190,000 - $220,000

The salary range for this position is determined based on qualifications, skills, and relevant experience. The final salary offered will be determined based on several factors including: 

• The candidate's professional background and relevant work experience
• The specific responsibilities of the role and organizational needs
• Internal equity and alignment with current team compensation
• This role is also eligible for additional compensation, subject to the terms and policies of MetroStar, which may include:
• Performance-based bonuses
• Company-paid training and/or certifications
• Referral bonuses