Business Services & Consulting • all cities, NY 35
DEVSECOPS ENGINEER (35)
all cities, NY 35 • On-site • Posted 23 hours ago
About the Role
Svitla Systems Inc. is looking for a DevSecOps Engineer for a full-time remote position (40 hours per week) in the USA.
Our client is a cloud-native cybersecurity company that helps organizations automatically and continuously minimize the attack surface of their cloud workloads.
You'll design, deploy, and maintain secure, cloud-native infrastructure supporting Department of War customers. You will work across container platforms, CI/CD pipelines, and government cloud environments to deliver hardened, compliant software systems at scale. This role sits at the intersection of platform engineering, security, and DevSecOps and requires a strong understanding of DoW policies, toolchains, and accreditation processes.
Prior experience working with cATO, continuous authorization, or Ongoing Authorization environments.
CKA, CKS, AWS GovCloud certifications, or equivalent credentials.
Experience with AWS GovCloud and/or Azure Government.
Understanding of DoD compliance frameworks: NIST 800-53, STIGs, RMF, FedRAMP.
Experience with container registry management and observability in Kubernetes environments, enabling secure image lifecycle workflows, compliance scanning, and end-to-end system visibility across production platforms.
Active DoW Security Clearance (Secret or higher) is a strong advantage.
Responsibilities
Design and maintain Kubernetes-based infrastructure, including cluster provisioning, RBAC configuration, network policy, and workload management.
Package and deploy applications using Helm charts; maintain chart repositories and manage release lifecycle across environments.
Implement and enforce policy controls using Istio service mesh, OPA Gatekeeper, Kyverno, and related Kubernetes admission controllers.
Build and maintain CI/CD pipelines using GitLab CI, GitHub Actions, Jenkins, or equivalent tooling; integrate automated security scanning and compliance gates.
Deploy and operate workloads on AWS GovCloud and Azure Government; architect for high availability, disaster recovery, and cross-region compliance requirements.
Manage and harden container images; integrate with Iron Bank, Platform One, and other DoW-approved registry sources.
Configure and maintain observability stacks, including Prometheus, Grafana, and Datadog; develop alerting, dashboards, and SLO frameworks.
Participate in ATO processes, support STIG/CIS compliance scanning, and contribute to System Security Plans (SSPs) and documentation artifacts.
Collaborate with development, security, and program teams to establish and refine DevSecOps practices across the software delivery lifecycle.
Support air-gapped and classified environment deployments; design solutions for offline image transfer, registry mirroring, and artifact management.
Coordinate with government platform teams and managed service providers to integrate and sustain vendor tooling within approved DoD software factories.
We offer
US and EU projects based on advanced technologies.
Competitive compensation based on skills and experience.
Flexibility in workspace, either remote or our welcoming office.
Bonuses for article writing, public talks, and other activities.
Free tech webinars and meetups organized by Svitla.
Regular corporate online activities.
Awesome team, friendly and supportive community!