Full Time

DevSecOps Engineer (1455) - Zapata Technology - Augusta, GA

135K–169K a year
Posted 13 days ago

Referral Eligible

Summary:

As a DevSecOps Engineer, you will incorporate security mechanisms into CI/CD workflows and infrastructure automation to support secure, compliant software releases within a regulated, mission-driven setting. You will automate vulnerability scanning and compliance checks, assist development teams in addressing risks early in the lifecycle, help sustain audit/ATO preparedness, and contribute to monitoring and incident response efforts. This position requires practical technical execution, disciplined documentation practices, and the ability to clearly articulate risk to both technical and non-technical audiences.

Job Qualifications:

Qualifications and Skills include:


Hands-on experience securing or operating CI/CD pipelines and modern deployment workflows.
Demonstrated ability to automate security/ops tasks using scripting/programming (e.g., Python, Bash).
Working knowledge of secure system design and operational security fundamentals (least privilege, secrets handling, patching, logging/monitoring, vulnerability management).
Experience working in regulated/compliance-driven environments (e.g., audit requirements, security controls, change management).
Strong written communication skills with proven ability to document procedures and communicate technical risk clearly.
Embed and maintain security controls in CI/CD pipelines to support secure, repeatable software delivery.
Software composition analysis (SCA), container/image scanning, and infrastructure/configuration security checks.
Implement and maintain policy-as-code / security gates aligned to program requirements and risk tolerance (e.g., blocking high-severity findings where appropriate, exception handling, evidence capture).
Support development teams with shift-left security: triage findings, validate risk, recommend remediation, and verify fixes.
Maintain and improve Infrastructure-as-Code (IaC) and deployment automation t