Air
DevSecOps Engineer
Company Description
Air is the leader in Enterprise Readiness. Our mission is to establish readiness as a real-time condition that is continuously achieved. Today, a dangerous Readiness Gap exists between what the front line needs and what is delivered. Our AI-native platform, Air Enterprise Readiness, aligns development, production, delivery, and sustainment into one coordinated execution system for government agencies and industrial suppliers. By revealing true capacity, exposing real constraints, coordinating resources, and executing at the speed of operational demands, the front line gets what it needs to succeed.
Job Description
We are seeking a skilled and dedicated DevSecOps Engineer to join our Engineering team. As a DevSecOps Engineer at Air, you will be essential to securing, operating, and continuously deploying to U.S. government-accredited environments.
In order to do this job well, you must be obsessed with quality and efficiency and love working with diverse technologies. You have a strong understanding of DevSecOps principles, automation, and continuous integration/continuous delivery (CI/CD). Our ideal candidate is someone who is energized by building scalable technology to support the defense and intelligence communities.
This role is a full-time position located out of our office in Pittsburgh, PA.
This role may require up to 10% travel.
Scope of Responsibilities
- Secure, operate, and continuously deploy to FedRAMP and IL5 environments.
- Document security processes, vulnerabilities, remediation actions, and compliance measures.
- Partner with engineers to interpret security requirements and plan effective control implementations.
- Integrate security tools into the CI/CD pipeline, run security scans, and remediate vulnerabilities.
- Translate and synthesize complex concepts and architectures into a clear body of evidence artifacts, including System Security Plans (SSP) and architecture diagrams.
- Build and support a CI/CD infrastructure utilizing GitLab, Jenkins, Helm, and Kubernetes.
- Serve as a security Subject Matter Expert (SME) and govern architectures to ensure they remain within the scope of an ATO.
Qualifications
- U.S. Citizenship is required
- Bachelor's degree in Computer Science, Mathematics or a related technical field
Required Skills:
- Linux/Unix experience, including command line and shell scripting
- Hands-on operational AWS/GCP/Azure experience
- Experience with cybersecurity frameworks (FedRAMP, FISMA, DoD SRG, NIST 800-171)
- Experience building and maintaining CI/CD pipelines with Jenkins, Gitlab CI, or related technologies
- Experience with Systems Monitoring/Alerting (Splunk, PagerDuty, Prometheus, Alertmanager, Grafana)
- Experience with infrastructure as code
- Current possession of a U.S. security clearance, or the ability to obtain one with our sponsorship
Desired Skills:
- Experience maintaining compliance within an accredited environment, ensuring all systems and processes operate according to the parameters of the granted ATO.
- Programming experience with any of the following languages: Golang, Java, Python, Groovy, Bash, or Ruby
- Experience with container-based architectures (Docker, Kubernetes, Helm)Experience deploying and supporting a microservices architecture
- Experience in or exposure to the nuances of a startup or other entrepreneurial environment
- Familiarity with test automation, including security testing and performance testing
We firmly believe that past performance is the best indicator of future performance. If you thrive while building solutions to complex problems, are a self-starter, and are passionate about making an impact in global security, we’re eager to hear from you.
Air is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability and protected veterans status or any other characteristic protected by law.
Operations Engineer