Description & Requirements

The Principal DevSecOps Engineer is responsible for designing and implementing the overall DevSecOps strategy and architecture within the Digital organization. This role requires a combination of both hands-on work and drive strategic objectives around DevSecOps, technical thought leadership, and subject matter expertise for our ecosystem of modern apps & platforms. They will be responsible for designing, implementing, and maintaining our cloud infrastructure and services, as well as helping to automate and streamline our development and deployment processes. They will work closely with development, infrastructure, operations, and security teams to ensure that the DevSecOps processes and tools are aligned with the organization's goals and objectives. Key responsibilities include designing and implementing scalable and sustainable CI/CD pipelines, automating delivery processes, and providing guidance on performance and operability improvements.

Essential Duties and Responsibilities:
- Define, develop, and implement the configuration management system which supports the enterprise software development life cycle (SDLC).
- Manage source code within the Version Control System (i.e. branching, sync, merge), compiles, assembles and packages software from source code, and mentors less senior team members in this discipline.
- Work with AEG to perform and validate installations/upgrades/deployments/containers.
- Define and provide guidance on standards/best practices.
- Develop automation scripts for build, deployment, and versioning activities, and mentors less senior team members in this discipline.
- Research and resolve technical problems associated with the version control and continuous integration systems.

• Lead the design and implementation of platform infrastructure and services that enable efficient software development across the organization.

• Work strategically with development and DevSecOps teams to build comprehensive solutions, aligning platform capabilities with project needs.

• Design and build infrastructure leveraging container orchestration (EKS/K8S) for scalability and streamlined deployments.

• Collaborate with architects and IT service owners (security, platform services, network services, etc.) to ensure the DevSecOps roadmap supports broader initiatives and security requirements.

• Establish and oversee the organization's overall DevSecOps strategy and architecture, embedding security into all development and deployment processes.

• Analyze existing build and release processes, recommending and implementing improvements for development teams.

• Guide the selection and integration of managed cloud services to support software development goals and optimize platform efficiency.

• Implementing orchestration and workflow automation to coordinate complex cloud-based processes and integrate different services and systems.

• Provide expert guidance in the design and implementation of software delivery lifecycle automation such as CI/CD, build, testing, and release.

• Writing scripts and code (Python, PowerShell, Bash, etc.) to automate repetitive tasks, integrate cloud services, and enhance cloud automation capabilities.

• Design and implement CI/CD pipelines and cloud infrastructure automation, ensuring high availability, reliability, scalability, and performance.

• Lead teams in adopting modern design patterns, cloud-first approaches, security-first, and innovative integrations with partner systems.

• Develop deployment standards, reusable interfaces, and orchestration workflows to streamline processes and integrate cloud services effectively.

• Integrate security controls and best practices into the automation process to ensure a secure cloud environment.

• Monitor and manage application performance and service quality, including initial troubleshooting, identification of root causes, and issue resolution.

• Provide technical guidance on cloud best practices, cost optimization, and security throughout the organization.

• Create comprehensive documentation for automation processes, workflows, and standard operating procedures for educating team members on automation best practices.

• Support RFIs, RFPs, RFQs, including whitepaper development and concept design.

• Participate in FedRAMP security audits, documentation, and AWS Well-Architected reviews.

• Stay updated on DevSecOps trends and apply continuous improvement models across deployment processes and tooling.

• Establish execution plans, manage risks, oversee solution delivery, and mentor teammates.

• Ensure all changes follow the defined change control process with proper approvals documented.

• Provide clear and timely updates to senior management, escalate issues, and ensure adherence to change control processes.

• Ensure compliance-thinking in DevSecOps processes and application of technology components to be audit ready and compliant.

• Mentor and support project teammates

• Work on other duties as assigned.

Minimum Requirements

Minimum Requirements:
- Bachelor's degree in relevant field of study and 7+ years of relevant professional experience required, or equivalent combination of education and experience.
- Master's degree preferred.
- 8+ years' experience with SVN administration.
- 8+ years J2EE application experience.
- 2+ years DevOps/Containerization technology experience (Docker, Kubernetes, PCF).
- Expert with scripting languages; Ant, Jython, bash, Groovy, etc.
- Expert in Agile development and Continuous Delivery methodologies.
- Expert with continuous integration environment utilities, preferably Jenkins.
- Excellent verbal and written communication skills.
- May travel up to 10%.
- Work in regular office environment.
- Consistently works on complex assignments requiring independent action and a high degree of initiative to resolve issues.
- Works with minimal supervision with wide latitude for independent judgement.
- Determines methods and procedures on new assignments and may supervise in a technical matrix organization.
- Position is recognized as a subject matter expert within a particular discipline.
- Some barriers to entry exist at this level (sr Executive approval).
- Knowledgeable of emerging trends and may contribute to and influence best practices within discipline.

• Bash, Python, Powershell - 6 Years

• AWS and its main services: EC2, ECS, EKS, EBL, Lambda, S3, IAM, CloudWatch, etc. - 6 Years

• Docker/ Kubernetes (5+ years)

• CI/CD (5+ years)

• Jenkins (5+ years)

• Maven (5+ years)

• GitHub/Bitbucket (5+ years)

• Linux (5+ years)

• Network Security, WAF (5+ years)

• AWS: EC2, S3, RDS, , etc. (5+ years)

#techjobs

• CI/CD pipelines, Jenkins (7+ years)

• AWS database technologies: RDS, Aurora, DynamoDB (3 - 5+ years)

• Junit - (1+ years)

• AppDynamics, AWS CloudWatch (3 - 5+ years)

• API Gateway (3 - 5+ years)

• Jira & Confluence (3 - 5+ years)

• Splunk (3+ years)

• AWS Workspace (3+ years)

• Azure cloud, a big plus.

#techjobs

EEO Statement

Active military service members, their spouses, and veteran candidates often embody the core competencies Maximus deems essential, and bring a resiliency and dependability that greatly enhances our workforce. We recognize your unique skills and experiences, and want to provide you with a career path that allows you to continue making a difference for our country. We're proud of our connections to organizations dedicated to serving veterans and their families. If you are transitioning from military to civilian life, have prior service, are a retired veteran or a member of the National Guard or Reserves, or a spouse of an active military service member, we have challenging and rewarding career opportunities available for you. A committed and diverse workforce is our most important resource. Maximus is an Affirmative Action/Equal Opportunity Employer. Maximus provides equal employment opportunities to all qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disabled status.