
DevSecOps & Automation Engineer

Astrion
United States, D.C., Washington
1000 Maine Avenue Southwest
May 05, 2026
Overview

DevSecOps & Automation Engineer

LOCATION: Remote U.S.

JOB STATUS: Full-time

CLEARANCE: Active Top Secret

TRAVEL: As Needed

Astrion has an exciting opportunity for a highly experienced DevSecOps & Automation Engineer to build and maintain the automated pipelines, infrastructure provisioning, and secure software delivery processes that let CORE host and operate solutions at scale. This role makes onboarding fast, repeatable, and compliant. The engineer owns CI/CD pipelines, image hardening, policy-as-code, artifact management, and the reusable templates that solution teams use to deploy onto CORE. The engineer reports to both the CORE Lead and the Platform & Cloud Chief Engineer under a matrix model.

This is a senior individual contributor role on a five-person team. The engineer must design, build, secure, and operate the automation layer with minimal supervision. Every solution that lands on CORE flows through pipelines this engineer owns. If those pipelines are slow, brittle, or insecure, the platform fails.

What Makes This Role Different

Most DevSecOps roles inherit a maturity stack: existing pipelines, an existing security tooling chain, an existing change board. This role builds it. The engineer designs the pipelines that define how Astrion ships software for the next decade. Security is not bolted on at the end. SAST, DAST, container scanning, SBOM generation, and policy-as-code are part of every pipeline from day one. The engineer also writes the onboarding templates that solution teams will consume, which means the work has to be opinionated, documented, and stable enough for non-platform engineers to use safely.

REQUIRED QUALIFICATIONS / SKILLS

  • Education
    • Bachelor's degree in Computer Science, Engineering, or related technical field. Equivalent experience considered.
  • Experience
    • 8+ years in DevOps or DevSecOps engineering.
    • Strong production experience with CI/CD tools such as GitLab, GitHub Actions, or Jenkins.
    • Proficiency in containerization, Kubernetes, and OpenShift.
    • Experience with security tooling and automated compliance gates.
    • Direct experience building pipelines with Iron Bank hardened images.
    • Strong scripting and automation skills in Bash, Python, or Go.
    • Strong networking background.
    • Experience managing artifact repositories such as Artifactory or Nexus.
    • Agile experience.
  • Security Clearance
    • Active Top Secret

KEY COMPETENCIES

  • Automation-first engineering mindset.
  • Secure software delivery from commit to production.
  • Process design that scales without rework.
  • Documentation discipline.

PREFERRED QUALIFICATIONS / SKILLS

  • HashiCorp Certified: Terraform Associate or Professional.
  • Red Hat Certified Specialist in Ansible Automation.
  • GitLab Certified Associate or GitHub Actions certification.
  • Experience with SonarQube, OWASP ZAP, Anchore, Trivy, or similar.
  • Familiarity with NIST RMF and compliance-driven environments.
  • Experience with cATO continuous monitoring evidence pipelines.
  • Familiarity with GitOps patterns using Argo CD or Flux.

RESPONSIBILITIES

  • Develop and maintain CI/CD pipelines for platform and application deployment.
  • Implement infrastructure-as-code using Terraform and Ansible Automation Platform.
  • Manage artifact repositories and container registries.
  • Build secure image pipelines aligned to DoD Iron Bank standards.
  • Implement policy-as-code, automated compliance checks, and security gates.
  • Integrate SAST, DAST, container scanning, and SBOM generation into delivery pipelines.
  • Enable automated promotion across DEV, TEST, and OPS environments.
  • Develop reusable onboarding templates and reference patterns for solution teams.
  • Maintain artifact signing, supply chain integrity, and traceability across deployments.
  • Partner with the Security & Compliance Engineer on control automation and evidence generation.
  • Document onboarding workflows so solution teams can self-service against the platform.