DevSecOps/Cloud Engineer

At Simple Technology Solutions, our people are our priority. We know our team members are more than employees—they’re parents, friends, volunteers, artists, and athletes. That’s why we offer flexibility to help them thrive personally and professionally while delivering exceptional solutions to our Federal Government clients.

Our culture is built on collaboration, continuous learning, and excellence. We are mentors and thought leaders who share knowledge and foster growth. Recognized as a “Best Place to Work,” we believe a range of perspectives helps us drive innovation and exceed customer expectations. At STS, taking care of our people isn’t a perk—it’s the standard.

As a HUBZone company, we also offer special incentives for team members living in qualified HUBZones. Check out the HUBZone map HERE to see if you qualify!

Simple Technology Solutions is looking for a DevSecOps/Cloud Engineer to add to our team.

Quick Position Overview:

US Citizenship is required

Bachelor's Degree is required

minimum of 4 years' position related experience is required

The Role: 

STS is looking for a DevSecOps / Cloud Engineer to join a federal data engineering team. You will own the deployment infrastructure and security controls for a large-scale federal cloud platform on AWS, keeping mission-critical systems running securely and reliably. A passion for automation, rigorous security discipline, and meticulous compliance with federal deployment standards are prerequisites for this position. 

This position is contingent upon contract award. 

The DevSecOps / Cloud Engineer at STS will: 

Design, build, and maintain the program's CICD pipeline using AWS CloudFormation templates and GitHub; automate deployments to staging and production environments ensuring all deployments execute with a single command and trigger AWS Service Catalog product launches to create Lambda functions, SNS topics, and Glue jobs 

Enforce Immutable Architecture principles across all ETL deployments; use deployment tools, CloudWatch logging, and other approved methods to ensure production and configuration environments remain consistent and controllable 

Implement and maintain Zero Trust Architecture (ZTA) across the platform per federal Zero Trust mandates; configure and maintain IAM roles, network controls, and application-layer security controls across development, staging, and production environments 

Integrate automated security scanning into the CICD pipeline — including SAST, OWASP ZAP dynamic scanning, dependency analysis, and government-provided container analysis tools — ensuring code delivered to production is free of medium- and high-level vulnerabilities per OWASP ASVS Level 2 

Ensure security scans are completed at least once per sprint and included in the Definition of Done for every user story; document and explain all false positives 

Manage AWS Secrets Manager for ETL metadata database credentials; ensure certificates and credential configurations are valid and accessible across all environments 

Conduct periodic load and performance testing; collaborate with the IV&V team to resolve findings 

Manage the Change Control Board (CCB) submission process; ensure Change Requests are submitted within required timelines and project closeout checklists are completed following successful production deployments 

Support disaster recovery exercises and actual events to ensure production data loads continue as expected; maintain runbooks and operational procedures 

Ensure compliance with FISMA, NIST 800-53, OWASP ASVS Level 2, federal software supply chain security requirements, and the Trusted Internet Connections (TIC) Initiative 

Maintain alignment with agency cloud well-architected principles, S3 standards, and zone-level ingestion rules across all deployed infrastructure 

Provide pre-production support including deployments and data loads in lower environments; maintain the performance metrics dashboard with real-time data 

Participate in 2-week sprint ceremonies, quarterly PI planning, and agile delivery using JIRA and GitHub 

Education and Experience: 

Required 

Bachelor's degree or higher in Computer Science, Information Systems, Cybersecurity, or a related field 

4+ years of experience in DevSecOps, cloud engineering, or platform engineering on AWS 

Hands-on experience with AWS CloudFormation, Infrastructure-as-Code deployments, and AWS Service Catalog in a FedRAMP-authorized environment 

Direct experience with AWS services: Lambda, Glue, S3, CloudWatch, Secrets Manager, SNS, SQS, EventBridge, Step Functions, EC2, and EMR 

Experience building and maintaining CI/CD pipelines using GitHub Actions or GitLab CI with branch-based deployment models 

Demonstrated knowledge of Zero Trust Architecture and experience implementing ZTA on AWS per federal mandates 

Experience with OWASP ZAP, SAST tools, dependency analysis, and container security scanning integrated into CI/CD pipelines 

Experience with IAM role management, Secrets Manager credential patterns, and certificate management across multi-environment setups 

Knowledge of FISMA, NIST 800-53, and the federal SDLC/ATO process; federal agency experience strongly preferred 

Familiarity with Immutable Architecture principles and single-command deployment standards 

Experience with agile sprint-based delivery, JIRA, GitHub, and CCB process management 

Must be able to work 8am-5pm Eastern Time regardless of home location; availability for on-call rotation required 

Active federal public trust suitability determination or ability to obtain one required 

STS is committed to equal employment opportunity and merit-based employment practices. STS provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination, harassment, and retaliation in all employment practices and decisions in accordance with applicable federal, state, and local laws.

Employment decisions at STS are based on individual qualifications, performance, skills, and business needs, without regard to race, color, religion, sex, national origin, age, disability, protected veteran status, sexual orientation, gender identity, genetic information, marital status, or any other status protected by applicable law.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, compensation, training, transfer, discipline, termination, layoff, recall, and leaves of absence.

---

Applicants may request removal from our applicant database, or specific information about how the data is used by contacting recruiting@simpletechnology.io.