DevSecOps Engineer

Systems Planning and Analysis, Inc. (SPA) delivers high-impact, technical solutions to complex national security issues. With over 50 years of business expertise and consistent growth, we are known for continuous innovation for our government customers, in both the US and abroad. Our exceptionally talented team is highly collaborative in spirit and practice, producing Results that Matter. Come work with the best! We offer opportunity, unique challenges, and clear-sighted commitment to the mission. SPA: Objective. Responsive. Trusted.

The Joint, Office of the Secretary of Defense, Interagency Division (JOID) provides expert support services to a range of customers spanning across the Department of Defense, Federal Civilian, and international markets. JOID provides a diverse portfolio of analytical and programmatic capabilities to help our customers make informed decisions on their most challenging issues.

SPA's NATO Allied Command Transformation Group, within JOID, provides capability development, portfolio management, program management, quality management, cost estimation analysis, standardization, reporting, software solutions and information management, and capability management support. We also provide an improved capability requirements capture process, including the generation, documentation and tracing of user requirements, with appropriate technical scrutiny, over the entire lifecycle of the requirements from capability definition through capability realization and capability usage.

We have a near-term need for a DEVSECOPS Engineer to provide onsite support in Norfolk, VA.

The candidate will deploy and operate containerized services using orchestration frameworks to ensure scalability and resilience. Automate infrastructure through Infrastructure as Code (IaC) to provide consistent and repeatable environments. Deploy and monitor workloads in cloud environments (AWS, Azure, Google Cloud, VMware, OpenStack). Implement site reliability engineering (SRE) and observability practices to ensure resilience, monitoring, logging, metrics, and distributed tracing. Support high-throughput and service-oriented architectures, ensuring resilient and scalable deployments. Deliver incremental capabilities in Agile and DevSecOps environments following frameworks such as Scrum, SAFe, or Kanban. Design and manage secure networking and service meshes (TLS, Istio, Linkerd, API gateways) to ensure encrypted and reliable service-to-service communication. Apply zero-trust principles and compliance automation to enforce security policies and validate system compliance. Manage identity and access using secure methods for secrets, tokens, certificates, and least-privilege access control.

Required:

• Nationality of one of the NATO member countries.
• 4+ years of experience with containerization and orchestration (Docker, Kubernetes, OpenShift).
• 4+ years of experience in designing and maintaining CI/CD pipelines with automated testing and security validation.
• Experience with Infrastructure as Code (Terraform, Ansible, Helm, Pulumi).
• Experience deploying and securing workloads in hybrid/public cloud environments (AWS, Azure, Google Cloud, VMware, OpenStack).
• Experience implementing site reliability engineering and observability practices (Prometheus, Grafana, ELK/Loki, OpenTelemetry).
• Experience implementing scalable, resilient, high-throughput systems and serviceoriented architectures.
• Experience delivering capabilities in Agile/DevSecOps environments (Scrum, SAFe, Kanban).
• Experience designing and managing secure networking and service mesh (TLS, Istio, Linkerd, API gateways).
• Experience applying zero-trust principles and compliance automation (OPA, Kyverno, SBOM, CIS benchmarks).
• Experience managing secrets and access policies using modern IAM solutions (Vault, AWS KMS, Azure Key Vault, RBAC/ABAC).
• Fluent in English (oral and written).
• Active NATO or National Secret (or higher) clearance at the time of award.
• Able to work fully onsite based on client needs.