Senior DevSecOps Engineer

Role Overview

T-Rex Solutions is seeking a Senior DevSecOps Engineer to support our FDIC customer. This role is primarily remote, with potential for occasional meetings at FDIC HQ in Arlington, VA.

Responsibilities

• Design, implement, and maintain enterprise DevSecOps architectures that integrate security throughout all phases of the SDLC.
• Develop and optimize CI/CD pipelines to support automated, secure, and reliable application delivery.
• Establish reference architectures, technical standards, engineering patterns, and best practices for DevSecOps implementations.
• Design and implement Infrastructure as Code (IaC) solutions to automate infrastructure provisioning, configuration management, and deployment activities.
• Integrate automated security testing into software delivery pipelines, including: Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), Container and image scanning, Secret detection and credential management, and Infrastructure security scanning.
• Design secure cloud-native and hybrid-cloud architectures utilizing modern platform services and security controls.
• Ensure compliance with federal cybersecurity requirements, including NIST, FISMA, RMF, Zero Trust, and agency-specific security standards.
• Support continuous Authority to Operate (ATO) initiatives through the development of architecture artifacts, security documentation, risk assessments, and compliance evidence.
• Evaluate emerging technologies, tools, and practices to improve platform security, efficiency, scalability, and resilience.
• Lead architecture reviews, technical design sessions, and security assessments.
• Develop strategies to reduce technical debt and improve application maintainability and operational effectiveness.
• Create technical roadmaps that align DevSecOps capabilities with organizational goals and modernization initiatives.
• Provide technical mentorship and leadership to DevSecOps engineers, software developers, and infrastructure teams.
• Support incident response, vulnerability remediation efforts, and continuous monitoring initiatives as required.

Requirements

• Bachelor's degree in Computer Science, Software Engineering, Computer Engineering, Information Systems, Cybersecurity, or a related technical field.
• Ability to obtain and maintain a Public Trust, suitability determination, or other clearance level required.
• 7–10 years of progressive experience in software engineering, DevOps, DevSecOps, cloud architecture, cybersecurity engineering, or related technical disciplines.
• Demonstrated experience designing and implementing enterprise DevSecOps solutions in complex environments.
• Experience developing and managing CI/CD pipelines supporting secure software delivery.
• Hands-on experience with Infrastructure as Code (IaC) frameworks and automated deployment methodologies.
• Experience integrating automated security controls and testing into software delivery pipelines.
• Experience supporting federal cybersecurity compliance requirements and security authorization processes.
• Experience leading technical teams and providing architectural guidance across multiple projects or programs.
• Experience supporting cloud migration, application modernization, or digital transformation initiatives.
• Strong knowledge of secure software development lifecycle (SSDLC) processes.
• Strong knowledge of Microsoft Azure.
• Experience with the following toolset: GitHub Enterprise Server/Cloud, JFrog Artifactory, JFrog Xray, SonarQube, GitHub Advanced Security, GitHub Copilot, and Subject7.
• Knowledge of containerization and infrastructure technologies including Azure Kubernetes Services (AKS), Virtual Machines, Application Gate Way, App Services, Key Vaults, ServiceNow, CyberArk, and Terraform.
• Experience implementing security automation and vulnerability management solutions.
• Strong understanding of application security principles, secure coding practices, and threat modeling techniques.
• Knowledge of federal cybersecurity frameworks and standards including:
• NIST Cybersecurity Framework (CSF)
• NIST 800-53
• NIST Secure Software Development Framework (SSDF)
• Federal Information Security Modernization Act (FISMA)
• Risk Management Framework (RMF)
• Zero Trust Architecture
• Excellent written and verbal communication skills with the ability to convey complex technical concepts to diverse audiences.

Desired Skills

• One or more of the following certifications are preferred:
• Microsoft Azure Solutions Architect Expert
• Certified Kubernetes Administrator (CKA)
• Certified Kubernetes Security Specialist (CKS)

About T-Rex Solutions

Established in 1999, T-Rex Solutions, LLC is a proven mid-tier business providing data-centric mission services to the Federal government. We design, integrate, secure, and deploy advanced technical solutions for our customers. T-Rex offers both IT and professional services to numerous Federal agencies and is a leader in providing high quality and innovative solutions in Cloud and Infrastructure Services, Cyber Security, and Big Data Engineering.

T-Rex is committed to creating a culture that supports employee development and offers industry-leading compensation packages and benefits.

Compensation and Benefits

• Salary Range: $100,000 - $185,000 annually (base salary; actual compensation may vary).
• Benefits Include: PTO available immediately, paid parental leave, comprehensive health, vision, and dental benefits, annual budget for training and professional development, 401(k) plan with company match (fully vested after 60 days), and more.

T-Rex is an Equal Opportunity Employer.