Experienced DevSecOps Engineer

Serco is seeking a highly skilled and motivated Experienced DevSecOps Engineer to join our team - (100% Remote). This role is critical in integrating security practices within the DevOps process, ensuring that security is embedded throughout the software development lifecycle.

Responsibilities:

• Design, implement, and maintain secure CI/CD pipelines
• Integrate security tools and practices into development and deployment workflows (e.g., SAST, DAST, container scanning)
• Collaborate with development, operations, and security teams to ensure secure software delivery
• Automate infrastructure provisioning and configuration using Infrastructure as Code (IaC) tools such as Terraform or CloudFormation
• Monitor systems for security vulnerabilities and respond to incidents
• Conduct threat modeling and risk assessments for new and existing systems
• Stay current with emerging security threats, technologies, and best practices

Requirements:

• U.S. Citizenship required
• Ability to obtain DoW Secret security clearance
• Bachelor's degree
• Minimum 5 years of experience in DevOps, Security Engineering, Software Engineering, or Cloud Engineering
• Proficiency with Azure
• Experience with any of the following CI/CD tools: Jenkins, GitLab CI, GitHub Actions, Cloud-Native
• Familiarity with containerization/orchestration with Docker and Kubernetes
• Strong scripting skills
• The ability to travel up to 10%. (CONUS)
• Certifications such as AWS Certified DevOps Engineer, Microsoft DevOps Engineer Expert, Certified Cloud Native Security Expert (CCNSE), or equivalent experience
• Experience with secrets management tools (e.g., Azure Key vault, AWS Secrets Manager)
• Familiarity with zero-trust architecture and secure software supply chain practices
• Knowledge of security frameworks and compliance standards (e.g., NIST, ISO 27001, SOC 2)
• Strong scripting skills (e.g., Python, Bash)