DevSecOps Specialist - TS/SCI in MD

Job Description

Job Description

DevSecOps Specialist - TS/SCI in MD

Position Description:

CNF Technologies is seeking a DevSecOps Specialist to integrate security practices into the full software development lifecycle (SDLC) to enable secure, rapid, and continuous delivery of software capabilities in classified environments. This position supports critical national security missions through secure, agile software delivery. The ideal candidate shall be able to implement automation, continuous integration/continuous delivery (CI/CD) pipelines, and infrastructure as code (IaC) with embedded security controls to support mission-critical systems. In addition, this role requires collaboration with development, operations, and security teams to foster a culture of shared responsibility for security in alignment with DoD cybersecurity policies.

General Experience:

• Experience in software development, DevOps, or cybersecurity engineering, with at least 3 years specifically in DevSecOps practices or secure software development.

• Experience implementing CI/CD pipelines, containerization (e.g., Docker/Kubernetes), and cloud-native security in classified or high-security environments. Experience with Jenkins and GitLab is preferred.

• Proven track record working in agile/DevOps methodologies with a focus on security automation and compliance in DoD or IC environments.

Functional Responsibility:

• Design, implement, and maintain secure CI/CD pipelines incorporating automated security scanning, vulnerability assessment, and compliance checks.

• Conduct secure code reviews, threat modeling, and integration of security tools (SAST, DAST, SCA) into development workflows.

• Develop and enforces secure infrastructure configurations using IaC tools while ensuring adherence to DoD RMF, STIGs, and other security standards.

Requirements:

• Must possess and maintain active TS/SCI clearance with CI polygraph (current polygraph required; no interim clearances accepted).

• Willing and able to work full-time on-site in a classified facility.

• Must meet DoDM 8140.03 qualification requirements for DCWF Work Role 627, including obtaining/maintaining DoD-approved foundational certifications (e.g., relevant security, cloud, or DevSecOps-aligned credentials such as those from GIAC, CompTIA, or similar providers listed in the DoD 8140 Qualification Matrices).

• Strong knowledge of secure software development practices, container/orchestration security, and automated security testing tools.

Education and Experience:

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, Engineering, or a related technical field is preferred; relevant advanced experience may substitute for degree.

• Equivalent experience: 4+ years of specialized DevSecOps or secure software engineering experience in lieu of a degree (combined with required certifications).

• Desired: Advanced certifications or training in cloud security (e.g., AWS/Azure/GCP security), DevSecOps automation, or secure coding practices that align with DoD 8140.03 qualification pathways.

Location:

Ft. Meade, MD