DevSecOps Engineer
Not Disclosed•Full-TimeOn-site
location_onEggplant Alley, Alkali Flat, Sacramento, Sacramento County, California, 95814, United States
About the Role
As a DevSecOps Engineer within Maximus TCS, you will serve as a critical bridge between development, security, and operations. This role is designed to fortify our security posture while accelerating deployment pipelines through automation. You will operate in a high-stakes environment where maintaining the integrity of network infrastructure and application security is paramount.
Your day-to-day involves orchestrating incident response, managing vulnerability lifecycles, and conducting rigorous penetration testing. You will not only identify security gaps but also engineer the automated frameworks and scripts necessary to remediate them. From designing secure deployment processes to maintaining the runbooks that prevent recurring issues, you will ensure that our security operations are both robust and efficient.
This position requires a deep understanding of cloud site reliability engineering and the ability to translate complex security requirements into actionable technical solutions. You will collaborate closely with cross-functional teams to implement automated security testing tools and manage access controls, ensuring that our systems remain resilient against evolving threats.
Hiring Process
Candidates selected for this role will undergo a comprehensive evaluation process designed to assess both technical expertise and cultural fit. The process typically includes:
- Initial Screening: A review of qualifications, specifically focusing on clearance status and relevant certifications.
- Technical Assessment: A deep-dive into your experience with DevSecOps practices, automation tools, and security frameworks.
- Interview Rounds: Conversations with hiring managers and team members to discuss specific scenarios, problem-solving approaches, and team collaboration.
- Final Review: A final decision based on the holistic assessment of your skills and experience.
Application Instructions
To apply, please submit your resume and relevant certifications through the official Maximus careers portal. If you require assistance during any phase of the employment process due to a disability, medical condition, or other impairment, please contact People Operations at applicantaccom@maximus.com to request reasonable accommodations.
Equal Opportunity & Culture
Maximus is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information, or other legally protected characteristics. We are committed to fostering a diverse and inclusive workplace where all employees can thrive.
Compensation & Benefits
Maximus offers a competitive total compensation package. While the specific salary range for this role is commensurate with job duties and relevant work experience, our rewards extend beyond base pay to include short- and long-term incentives, program-specific awards, health insurance coverage, life and disability insurance, a retirement savings plan, and paid time off. We believe in transparent compensation practices and do not use an applicant's salary history to determine pay.
Work location
Work model: On-site
Eggplant Alley, Alkali Flat, Sacramento, Sacramento County, California, 95814, United States
Sacramento, California
Key Responsibilities
- check_circleConduct penetration testing and security code reviews
- check_circleManage end-user and administration access for access control
- check_circlePerform network and security analysis and root cause troubleshooting
- check_circleCoordinate remediation patching and compliance efforts
- check_circleSet up and maintain proxy servers, systems, and firewalls
- check_circleUpdate security procedures and maintain operations runbooks
- check_circleResearch technology trends for cloud site reliability engineering
- check_circleDesign and implement automated security testing tools and frameworks
Requirements
- verifiedBS in Computer Science, IT, or related field
- verified10 years experience or multiple IT certifications
- verified8 years work-related experience
- verifiedActive Top Secret with SCI eligibility
- verifiedSecurity+ or DoD 8570 IAT-II certification
Nice to Have
Certified Kubernetes Application Developer (CKAD), Red Hat Certified Engineer (RHCE), Certified Jenkins Engineer (CJE), AWS Certified DevOps Engineer, Certified Kubernetes Engineer (CKA), GitLab Certified DevOps Professional, or similar certifications. Familiarity with technical aspects for IT and IAT-Level II Certifications. Experience with CI/CD pipelines, infrastructure as code, and containerization technologies. Expertise in cloud platforms, automation tools, scripting languages, and security testing tools. Understanding of AWS, Azure, or GCP and their security services. Understanding of USAF IT systems, networks, and platforms. Experience with Jenkins, GitLab CI, Azure DevOps, or similar tools for automating the build, test, and deployment process. Proficiency with tools like Terraform, Ansible, or CloudFormation to automate infrastructure provisioning and configuration. Familiarity with Docker, Kubernetes, and related technologies. Proficiency in scripting languages like Python, Bash, or PowerShell to automate security tasks and workflows. Experience with static analysis (SAST), dynamic analysis (DAST), and software composition analysis (SCA) tools, as well as vulnerability scanners. Solid understanding of network security principles, including firewalls, intrusion detection/prevention systems, and network segmentation. Familiarity with SIEM solutions (like Splunk or ELK) and log aggregation tools for security monitoring. Familiarity with Identity and Access Management (IAM) and Zero Trust (ZT) security models.
Benefits & Perks
check_circleHealth insurance coveragecheck_circleLife and disability insurancecheck_circleRetirement savings plancheck_circlePaid holidays and paid time offcheck_circleShort- and long-term incentives