DevSecOps Engineer

Job Summary

Galapagos Federal Systems LLC is seeking a motivated and highly qualified DevSecOps Engineer to support the integration of development, security, and operations practices within a mission-critical Department of Defense (DoD) system.

Role Overview

This role enables the continuous delivery of secure, high-quality software supporting more than 6,500 users across the DoD enterprise, including coordinators, victim advocates, and legal, investigative, and command personnel. In this position, you will help maintain and enhance a system that manages sensitive case-level data, requiring strict adherence to DoD cybersecurity standards and security controls. Working within an Agile development environment, you will participate in regular sprint cycles delivering bug fixes, urgent priority updates, and minor system enhancements while ensuring the platform maintains system availability of 99.5% or higher.

Key Responsibilities

The DevSecOps Engineer will:

• Design, implement, and maintain DevSecOps CI/CD pipelines that support secure, automated software delivery
• Automate functional testing and integrate automated test cases into the DevSecOps pipeline prior to deployment authorization
• Ensure system deliverables are architected to fully leverage Continuous Integration and Continuous Delivery (CI/CD) capabilities
• Support quarterly Agile sprint cycles, delivering bug fixes, emergency priority updates, and minor system enhancements
• Apply DoD Application Security and Development (ASD) STIG requirements to software architecture, development, and deployment processes
• Implement secure coding best practices, including adherence to OWASP security principles
• Conduct application security scans using tools such as Fortify and Sonatype, and remediate or mitigate identified vulnerabilities in accordance with Cyber Hardening Policies
• Support the migration and deployment of applications to Cloud Service Providers (CSPs) in compliance with the DoD Cloud Computing Security Requirements Guide (SRG)
• Operate and maintain development, test, and production environments within IL4 or IL5 cloud environments supporting Controlled Unclassified Information