DevSecOps Engineer

Starkville, MS
Full Time
Mid Level

Camgian is looking to expand its DevOps team with the addition of a DevSecOps Engineer. In this role, you will be responsible for automating security policy enforcement, implementing STIGs, and ensuring security validation across various infrastructure and software environments. You will play a key role in securing Debian Linux, Kubernetes, Proxmox, network devices, and other critical platforms, influencing hardware purchases to align with security best practices. 

This position requires a strong security background with experience in DoD cybersecurity standards, automation expertise, a solid understanding of network security and security scanning tools, and familiarity with the software development process.  

QUALIFICATIONS 

  • Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field, or equivalent practical experience. 

  • 3 - 7 years of experience in security automation, infrastructure security, or DevSecOps. 

  • DoD cybersecurity experience, including familiarity with frameworks such as NIST 800-53, RMF (Risk Management Framework), and DISA STIG compliance. 

  • United States Citizenship 

  • Ability to obtain and maintain a DoD security clearance 

DESIRED SKILLS 

  • Security Automation: Experience with Ansible or other automation tools for applying security configurations and validating compliance. 

  • Linux Security: In-depth knowledge of Debian-based systems and securing Linux environments, including SELinux, AppArmor, auditing tools, and kernel hardening. 

  • Kubernetes Security: Familiarity with securing Kubernetes clusters, implementing Pod Security Policies (PSPs), RBAC, and container image security best practices. 

  • Network Security: Strong understanding of firewall configuration, intrusion detection/prevention (IDS/IPS), zero-trust architecture, and securing network appliances. 

  • Proxmox Security: Experience securing virtualization environments, implementing network isolation, and hardening hypervisors. 

  • Software Security & DevSecOps: 

  • Experience integrating code scanning tools (Checkmarx, SonarQube, Snyk, etc.) into CI/CD pipelines. 

  • Knowledge of artifact security scanning (JFrog Xray, Trivy, or Clair) for container and package management. 

  • CI/CD & Infrastructure as Code (IaC): 

  • Experience working with Jenkins, GitLab CI/CD, or ArgoCD for automated security enforcement. 

  • Familiarity with infrastructure as code (IaC) principles and tools such as Terraform or CloudFormation. 

  • Compliance & Security Frameworks: 

  • Knowledge of NIST 800-53, CIS Benchmarks, FedRAMP, or other compliance frameworks. 

  • Experience implementing STIGs, SCAP scanning, and automated compliance validation tools. 

  • Scripting & Development: 

  • Proficiency in scripting languages such as Python, Bash, or PowerShell for automation and security enforcement. 

  • Familiarity with development workflows, Git repositories, and secure coding practices. 

KEY RESPONSIBILITIES 

  • Automate security validation to ensure compliance with security policies and STIG requirements. 

  • Secure Kubernetes, Debian Linux, Proxmox, and network devices, ensuring best practices are enforced. 

  • Develop and integrate security tools into the development lifecycle, including Checkmarx and Xray scanning. 

  • Implement and maintain CI/CD security controls within Jenkins, GitLab, and other pipelines. 

  • Harden infrastructure components through automation and enforce security best practices across systems. 

  • Collaborate with developers and DevOps engineers to ensure secure coding practices and infrastructure security. 

  • Evaluate and influence hardware selection to align with DoD security and compliance requirements. 

  • Monitor and respond to security incidents, working to continuously improve detection and response capabilities. 

Exceptional work ethic, willingness to learn, tenacity not to quit, aptitude to surpass, and strong desire to work in a fast-paced environment are necessary for success. Collaboration and cross pollination with other teams will be frequent; thus communication, openness, and willingness to share both success and failure is a must. We are a team-centric organization, there are no individuals, we win and lose together. 

Share

Apply for this position

Required*
Apply with Indeed
We've received your resume. Click here to update it.
Attach resume or Paste resume
Attach resume as .pdf, .doc, .docx, .odt, .txt, or .rtf (limit 5MB) or Paste resume

Paste your resume here or Attach resume file

To comply with government Equal Employment Opportunity and/or Affirmative Action reporting regulations, we are requesting (but NOT requiring) that you enter this personal data. This information will not be used in connection with any employment decisions, and will be used solely as permitted by state and federal law. Your voluntary cooperation would be appreciated. Learn more.
Invitation for Job Applicants to Self-Identify as a U.S. Veteran
  • A “disabled veteran” is one of the following:
    • a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or
    • a person who was discharged or released from active duty because of a service-connected disability.
  • A “recently separated veteran” means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.
  • An “active duty wartime or campaign badge veteran” means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.
  • An “Armed forces service medal veteran” means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985.
Veteran status


Human Check*