DevSecOps Engineer
Not Disclosed•Full-TimeOn-site
location_on824, South 13th Street, Louisville, Jefferson County, Kentucky, 40210, United States
About the Team
Maximus Technology and Consulting Services (TCS) operates at the intersection of advanced technology and critical national security. Our team is dedicated to securing the infrastructure that powers essential government operations, ensuring resilience through robust DevSecOps practices and cutting-edge automation.
About the Role
As a DevSecOps Engineer within our TCS division, you will serve as a guardian of our security posture while driving the evolution of our deployment frameworks. This role exists to bridge the gap between development, security, and operations, transforming manual security processes into automated, scalable workflows.
In this position, you will not only manage incident response, vulnerability scanning, and penetration testing but also architect the automated security frameworks that protect our network infrastructure. Your day-to-day involves diagnosing root causes of security issues, maintaining critical runbooks to prevent recurrence, and collaborating with cross-functional teams to implement secure, efficient deployment tools. You will be instrumental in setting up and monitoring proxy servers, firewalls, and systems, ensuring compliance with rigorous security standards while leveraging cloud technologies and scripting to modernize our operational landscape.
Hiring Process
Candidates selected for this role will undergo a comprehensive evaluation process designed to assess both technical expertise and cultural fit. The process typically includes:
- Initial Screening: A review of qualifications, including clearance status and relevant certifications.
- Technical Assessment: A deep dive into your experience with DevSecOps tools, automation frameworks, and security protocols.
- Interviews: Conversations with hiring managers and team members to discuss specific scenarios, problem-solving approaches, and team collaboration.
- Final Review: Background checks and final clearance verification.
Application Instructions
To apply, please submit your resume and relevant certifications through the official Maximus career portal. Ensure your application highlights your experience with cloud platforms, automation tools, and security frameworks.
Equal Opportunity & Culture
Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information, and other legally protected characteristics. We are committed to fostering a diverse and inclusive environment where all employees can thrive.
Accommodations
Maximus is dedicated to providing reasonable accommodations to individuals requiring assistance during any phase of the employment process due to a disability, medical condition, or physical or mental impairment. If you require assistance at any stage—including accessing job postings, completing assessments, or participating in interviews—please contact People Operations at applicantaccom@maximus.com.
Compensation & Benefits
Maximus offers a competitive total compensation package that includes health insurance coverage, life and disability insurance, a retirement savings plan, paid holidays, and paid time off. Our compensation is determined by various factors including job location, education, training, experience, and market value, and we do not use salary history in determining compensation.
Work location
Work model: On-site
824, South 13th Street, Louisville, Jefferson County, Kentucky, 40210, United States
Louisville, Kentucky
Key Responsibilities
- check_circleConduct penetration testing and security code reviews
- check_circleManage end-user and administration access for access control
- check_circleCoordinate remediation patching and compliance efforts
- check_circleSet up and maintain proxy servers, systems, and firewalls
- check_circleUpdate security procedures and maintain operations runbooks
- check_circleDesign and implement automated security testing tools and frameworks
- check_circlePerform network and security analysis to diagnose root causes
Requirements
- verifiedBS in Computer Science, IT, or related field
- verified10 years experience or multiple IT certifications
- verified8 years work-related experience
- verifiedActive Top Secret with SCI eligibility
- verifiedSecurity+ or DoD 8570 IAT-II certification
Nice to Have
Certified Kubernetes Application Developer (CKAD), Red Hat Certified Engineer (RHCE), Certified Jenkins Engineer (CJE), AWS Certified DevOps Engineer, Certified Kubernetes Engineer (CKA), GitLab Certified DevOps Professional, or similar certifications. Familiarity with technical aspects for IT and IAT-Level II Certifications. Experience with CI/CD pipelines, infrastructure as code, and containerization technologies. Expertise in cloud platforms, automation tools, scripting languages, and security testing tools. Understanding of AWS, Azure, or GCP and their security services. Understanding of USAF IT systems, networks, and platforms. Experience with Jenkins, GitLab CI, Azure DevOps, or similar tools for automating the build, test, and deployment process. Proficiency with tools like Terraform, Ansible, or CloudFormation to automate infrastructure provisioning and configuration. Familiarity with Docker, Kubernetes, and related technologies. Proficiency in scripting languages like Python, Bash, or PowerShell to automate security tasks and workflows. Experience with static analysis (SAST), dynamic analysis (DAST), and software composition analysis (SCA) tools, as well as vulnerability scanners. Solid understanding of network security principles, including firewalls, intrusion detection/prevention systems, and network segmentation. Familiarity with SIEM solutions (like Splunk or ELK) and log aggregation tools for security monitoring. Familiarity with Identity and Access Management (IAM) and Zero Trust (ZT) security models.
Benefits & Perks
check_circleHealth insurance coveragecheck_circleLife and disability insurancecheck_circleRetirement savings plancheck_circlePaid holidays and paid time offcheck_circleShort- and long-term incentives