Software Engineer I-II - DevSecOps Engineer
Req Number : 011-2025
GBL Systems is a leading system engineering and software development firm located in Camarillo, CA, with a 30+ year history of developing tomorrow’s Electronic Warfare capability today. GBL specializes in the areas of Systems and Software Engineering, Electronic Warfare, Network Centric Warfare, Modeling / Simulation and Avionics Development.
As part of a dynamic team, GBL Engineers contribute to all aspects of the software development process, which includes requirements definition, design, development, test and evaluation, acquisition, and in-service support to various US and Foreign Military customers. The Frontend Developer role focuses on developing visually appealing interfaces and maintaining interactive dashboards using React and Python, alongside ensuring quality through unit tests and version control. Proficiency in React, JavaScript, Python, testing frameworks, and visual reporting tools like Grafana is important, along with effective collaboration skills within cross-functional teams to implement UI features and stay updated with industry trends.
Qualified applicants must be U.S. Citizens. Current active SECRET clearance is desired.
We are seeking a skilled DevSecOps Engineer to support Department of Defense (DoD) programs by integrating security automation, compliance enforcement, and custom tool development across secure DevOps environments. This position focuses on building and maintaining automated security tooling within CI / CD pipelines, supporting RMF-based ATO efforts, and enabling secure cloud and hybrid DoD infrastructures. The ideal candidate brings experience developing DevSecOps solutions in classified or controlled environments, with deep familiarity in STIGs, DoD Cloud Computing SRG, and continuous compliance.
Roles & Responsibilities :
- Design, develop, and deploy custom DevSecOps tooling to automate security testing, compliance validation, and infrastructure deployment in accordance with DoD policies.
- Integrate static code analysis (SAST), dynamic analysis (DAST), container security, SBOM generation, and dependency scanning into secure CI / CD workflows.
- Automate enforcement and reporting of compliance controls such as DISA STIGs, NIST 800-53, and DoD Cloud Computing SRG.
- Support and contribute to the RMF process, including security documentation, vulnerability scanning, POA&Ms, and achieving / maintaining Authority to Operate (ATO).
- Develop Infrastructure-as-Code (IaC) templates and pipelines (e.g., Terraform, Ansible, CloudFormation) with embedded security guardrails.
- Collaborate with cross-functional teams, including system administrators, software developers, ISSOs, and SCA teams, to ensure continuous security integration.
- Monitor pipeline activity and infrastructure logs for anomalous behavior, threats, or misconfigurations, and respond to incidents as needed.
- Develop dashboards, scripts, and APIs to support internal security workflows, audit readiness, and data visualization for leadership.
- Stay informed on the latest DoD cybersecurity mandates, emerging threats, and approved tools / technologies under DoD policy and FedRAMP.
Requirements :
- U.S. Citizenship and active DoD Secret clearance (Top Secret preferred or ability to obtain).
- Bachelor’s degree in Computer Science, Engineering, Cybersecurity, or a related technical field—or equivalent practical experience.
- Minimum 3–5 years supporting DoD or federal IT programs with DevOps or cybersecurity automation.
- Experience designing secure CI / CD pipelines using GitLab CI / CD, Jenkins, GitHub Actions, or similar.
- Proficient in at least one programming / scripting language (e.g., Python, Bash, PowerShell).
- Familiarity with DoD Risk Management Framework (RMF) and security documentation.
- Strong understanding of DISA STIGs, ACAS / Nessus scanning, SCAP compliance, and audit traceability.
- Experience with secure cloud environments, preferably AWS GovCloud, Azure Government, or milCloud.
Preferred Qualifications :
- Experience supporting Continuous ATO, DevSecOps Reference Design, or Platform One / Iron Bank toolchains.
- Familiarity with container orchestration and security (Kubernetes, Istio, Twistlock, Trivy, etc.).
- Certifications such as CompTIA Security+, CISSP, AWS Certified Security – Specialty, or GIAC DevSecOps.
- Knowledge of SBOM management tools (CycloneDX, SPDX) and DoD software supply chain initiatives.
Benefits :
- Competitive salary
- Outstanding 401(k) retirement plan with both Traditional and Roth options and generous corporate contributions
- Group medical insurance
- Dental / Vision Insurance
- Life insurance
- AD&D coverage
- Paid holiday and Paid Time Off
- Business casual work environment
Working Conditions :
- Full-time, exempt position supporting one or more DoD contracts.
- Hybrid or remote eligible depending on program classification level and facility access requirements.
- Occasional CONUS travel to customer sites or secure facilities may be required.
- On-call availability in support of critical system deployments or incident response.
GBL is an Equal Employment Opportunity employer.
Salary Range : $67,275 USD to $115,244 USD. Salary is based on current qualifications, related experience, and contractual requirements which could fall outside of this range.
Please email your cover letter, resume and salary requirements to hr@gblsys.com .