Senior DevSecOps Engineer

Overview

At Credence, we support our clients’ mission-critical needs, powered by technology. We provide cutting-edge solutions, including AI/ML, enterprise modernization, and advanced intelligence capabilities, to the largest defense and health federal organizations. Through partnership and trust, we increase mission success for war-fighters and secure our nation for a better future.

We are privately held, are repeatedly recognized as a top place to work, and have been on the Inc. 5000 Fastest Growing Private Companies list for the last 12 years. We practice servant leadership and believe that by focusing on the success of our clients, team members, and partners, we all achieve greater success.

We have an immediate need for a highly skilled Mid and Senior leveled DevSecOps Engineer(s) to support federal programs hosted on AWS GovCloud. This hybrid role in multi locations - the primary role in McLean, VA or Dayton OH requires expertise in DevSecOps best practices, cloud automation, security compliance, and continuous integration/continuous deployment (CI/CD) to enhance the security, scalability, and efficiency of mission-critical applications.

Requirements

• AWS GovCloud Architecture & Management: Design, implement, and maintain secure, scalable, and compliant AWS GovCloud environments for DoD and Civilian agency applications.
• DevSecOps Pipeline Development: Build and optimize CI/CD pipelines using tools like GitLab CI/CD, Jenkins, AWS CodePipeline, and Terraform to automate deployments and security compliance.
• Security & Compliance: Ensure adherence to Federal cybersecurity frameworks (e.g., NIST 800-171, NIST 800-53, RMF, FedRAMP, Zero Trust). Implement STIGs, security baselines, and automated security scanning (SAST/DAST).
• Infrastructure as Code (IaC): Automate infrastructure provisioning and configuration management using Terraform, CloudFormation, and Ansible.
• Containerization & Orchestration: Deploy and manage Docker containers and Kubernetes clusters in AWS GovCloud, leveraging services like Amazon EKS, ECS, and Fargate.
• Monitoring & Incident Response: Implement AWS CloudWatch, AWS Security Hub, GuardDuty, Splunk, or ELK for proactive monitoring, logging, and compliance reporting.
• Automation & Scripting: Develop automation scripts using Python, Bash, or PowerShell to improve deployment efficiency and security enforcement.
• Collaboration & Knowledge Sharing: Work closely with software developers, cybersecurity teams, and cloud engineers to integrate security and automation into the software development lifecycle (SDLC).
• Mid level requires 5+ years of hands-on experience in DevSecOps, Cloud Engineering, or Infrastructure Automation roles.
• Senior level requires 7+ years of hands-on experience in DevSecOps, Cloud Engineering, or Infrastructure Automation roles.
• Strong expertise in AWS GovCloud services, security configurations, and compliance frameworks.
• Experience with CI/CD tools (GitLab CI/CD, Jenkins, AWS CodePipeline, or similar).
• Hands-on experience with Infrastructure as Code (IaC) using Terraform, CloudFormation, and Ansible.
• Proficiency in containerization and orchestration (Docker, Kubernetes, EKS, ECS, Fargate).
• Strong understanding of AWS security services (AWS IAM, GuardDuty, Security Hub, AWS KMS, AWS WAF, AWS Config, AWS Secrets Manager).
• Knowledge of federal cybersecurity frameworks (RMF, NIST 800-171/53, STIGs, Zero Trust).
• Experience implementing automated security testing (SAST, DAST, vulnerability scanning, SBOM management).
• Proficiency in scripting (Python, Bash, PowerShell) for automation and security enforcement.
• Security+, AWS Certified Security
• US citizenship with the ability to obtain successful DoD SECRET security clearance required

Please join us, as together we build a better world one mission at a time powered by Technology and its People

Locations: 

HQ- McLean VA - Tyson's Corner - Hybrid

Dayton OH, Wright Patterson AFB - On-site

#LI-Hybrid