DevSecOps Engineer

Job Title: DevSecOps & Policy-as-Code Security Engineering SME (Cloud & Platform Security) Location: Virginia (Hybrid, onsite only if required once in month) Duration: 3years Job Overview We are seeking a highly skilled DevSecOps & Policy-as-Code Security Engineering SME to support cloud and platform security initiatives. The ideal candidate will have strong expertise in implementing policy-as-code frameworks, securing containerized environments, and integrating security controls into CI/CD pipelines. Key Responsibilities - Design and implement policy-as-code frameworks using tools such as OPA/Rego - Develop and enforce boundary-as-code and Infrastructure-as-Code (IaC) security policies - Integrate security controls into CI/CD pipelines through automated policy enforcement - Implement security configurations for containerized environments and Kubernetes platforms - Develop and manage configuration drift detection and remediation frameworks - Maintain version-controlled repositories for security policies and compliance rules - Configure network security groups and boundary controls using IaC tools - Implement automated classification and tagging for PII and sensitive data Required Skills & Expertise - Strong experience in DevSecOps practices - Hands-on expertise in Kubernetes Security - Experience with Infrastructure-as-Code (IaC) security - Proficiency in OPA/Rego (Policy-as-Code frameworks) - Strong knowledge of Cloud Security principles and best practices Preferred Qualifications - Experience working in federal or regulated environments - Familiarity with compliance frameworks and security standards - Strong problem-solving and analytical skills Additional Information - Long-term engagement (3 years) - Fully remote opportunity Job Type: Contract Pay: $110,000.00 - $130,000.00 per year Experience: - DevSecOps: 6 years (Required) - Google Cloud Platform: 1 year (Preferred) Security clearance: - Secret (Required) Work Location: Hybrid remote in Springfield, VA 22152