Senior DevSecOps Engineer, National Security, Public Sector

US•Washington•Fort Meade

Hybrid

Senior

Full Time

4 days ago

💰$174,000 - $253,000

DevSecOpssecuritypublic sectorseniorTop Secret clearance

Requirements

•Bachelor's degree or equivalent practical experience.
•5 years of experience with Python, Go, or Bash for system automation, middleware creation, and tool integration.
•5 years of experience in a DevOps or DevSecOps role, including automation and pipeline security.
•5 years of experience managing containerized environments, orchestration tools (Kubernetes), and infrastructure-as-code (IaC) tools like Terraform or Ansible.
•Ability to travel up to 25% of the time to engage with customers.
•Must possess an active Top Secret/SCI security clearance with current polygraph.

•Establish security baselines for agent construction, engineering strict privilege boundaries and data flow mapping between agents, vector databases, and external systems to prevent data leakage and indirect prompt injections.
•Integrate automated red-team testing workflows (prompt injection, jailbreaking, privilege escalation) directly into deployment pipelines for continuous compliance with MITRE ATLAS, OWASP, and STRIDE.
•Deploy robust container isolation and strict network egress filtering to restrict runtime access, minimizing the exploit blast radius within high-compute GPU/TPU environments.
•Integrate automated security tools, image scanning, and software bill of materials (SBOM) generation into pipelines, leveraging enterprise software for secure secrets management across model artifacts.
•Build and maintain automated code scanners for deep data flow analysis and fuzzing to catch vulnerabilities while minimizing false positives.
•Work with network equipment and actively monitor systems for attacks and intrusions.
•Work with software engineers to proactively identify and fix security flaws and vulnerabilities.
•Bridge the gap between offensive AI security research (Red Team) and defensive platform engineering (Blue Team).
•Serve as the core architect of automated purple-teaming pipeline.
•Design automation that continuously emulates threats, validates guardrails, and deploys real-time containerized and network defenses.

•Experience with securing AI/ML deployment frameworks (e.g., vLLM, Triton) and auditing underlying short/long-term storage systems like vector databases.
•Experience implementing automated open source intelligence (OSINT) collection systems to transform threat disclosures into actionable signatures or incident response (IR) playbooks.
•Experience deploying advanced container runtime isolation technologies (e.g., gVisor, Kata Containers) and designing strict pod egress network policies.
•Knowledge in supply chain security tools, automated secret governance, and configuring continuous security gates at the pull-request level.
•Familiarity with AI-specific risk frameworks, notably MITRE ATLAS and the open worldwide application security project (OWASP) for LLMs.