Principal DevSecOps Engineer(Active Clearance Required)

extra holidays - extra parental leave
Work set-up: 
Full Remote
Contract: 
Full time
Experience: 
Senior (5-10 years)
Work from: 
Colorado (USA), District of Columbia (USA), Maryland (USA), North Carolina (USA), Texas (USA), Virginia (USA)

Offer summary

Qualifications:

8+ years of experience in DevSecOps, systems engineering, or infrastructure software development., Expertise in designing and operating cloud-native platforms using AWS, Azure, or GCP., Proficiency in Kubernetes, Docker, and cloud-native application orchestration., Strong skills in Golang or similar languages, with experience in infrastructure as code, preferably Pulumi..

Key responsibilities:

  • Architect and implement secure, scalable cloud infrastructure using Kubernetes and Pulumi.
  • Support security and operations across air-gapped and classified environments in collaboration with government partners.
  • Build and manage CI/CD pipelines incorporating DevSecOps best practices.
  • Design, develop, and debug microservices in Go, focusing on security and performance.

Second Front Systems logo
Second Front Systems Scaleup http://www.secondfront.com/
51 - 200 Employees
See all jobs

Job description

ABOUT THE ROLE

Second Front Systems (2F) is seeking an ambitious and visionary Principal DevSecOps Engineer to join our missiondriven team. We are a dynamic, fastgrowing entrepreneurial company at the intersection of cuttingedge technology and national security, committed to delivering transformative solutions that empower our nation’s defenders. This is an opportunity to play a pivotal role in shaping the future of a company that is redefining the way software is delivered and secured in the defense sector.

At 2F, we thrive on innovation and purpose, combining a startup’s agility with a clear mission to support national security. You will be at the forefront of driving the DevSecOps strategy behind the deployment and scaling of our revolutionary Game Warden platform—an industryleading tool that is accelerating the secure adoption of missioncritical SaaS solutions for the U.S. government. If you’re ready to contribute to a team that values ingenuity, collaboration, and impact, we want to hear from you.

Note: This position requires U.S. citizenship due to government contract requirements.

Candidates must be located in the following geographic areas: DMV (DCMarylandVirginia), RaleighDurhamChapel Hill, DenverColorado Springs, and DallasFort Worth.

What You’ll Do
  • Architect and implement scalable, secure cloud infrastructure using Kubernetes and Pulumi (Gobased), ensuring compliance with DoD and IC requirements.
  • Support the security and operations of the 2F Suite across airgapped and classified environments, working directly with government partners and security teams.
  • Build and manage CICD pipelines integrating DevSecOps best practices from development through deployment.
  • Integrate and maintain SIEM and security tooling, ensuring observability and compliance across all deployed systems.
  • Design, develop, and debug microservices in Go (Golang), focusing on performance, security, and modularity.
  • Work crossfunctionally to assess infrastructure needs, prioritize development, and deliver on product roadmap milestones in a fastpaced Agile environment.
  • Document your work thoroughly—from infrastructure to internal procedures—to ensure secure, repeatable, and auditable deployments.
  • Collaborate directly with DoDIC stakeholders to provision secure cloud resources and meet deployment criteria in classified settings.
  • Contribute to R&D and experimentation efforts needed to advance platform and capabilities in secure and disconnected environments.
  • Act as a mentor and thought leader, helping to shape internal DevSecOps strategy and infrastructure standards.

  • Skills You’ll Bring to Our Team
  • 8+ years of relevant experience in DevSecOps, systems engineering, or infrastructure software development.
  • Architectlevel expertise in designing and operating cloudnative platforms using AWS, Azure, or GCP.
  • Deep experience with Kubernetes, Docker, and cloudnative application orchestration.
  • Strong proficiency in Golang or similar languages (e.g., Rust), particularly with infrastructure as code (Pulumi preferred.)
  • Familiarity with compliance frameworks such as FedRAMP, DoD SRG, NIST 80053, and the RMFATO process.
  • Proven experience deploying systems in airgapped or classified environments.
  • Experience building and maintaining secure CICD pipelines and integrating security throughout the SDLC.
  • Handson experience designing, implementing, or managing SIEM, monitoring, and alerting systems.
  • Understanding of REST APIs, authentication flows, eventdriven architecture, and microservice patterns.
  • Excellent written and verbal communication skills, with strong documentation habits.
  • Comfortable working independently and in distributed teams, managing competing priorities across complex projects.

  • Preferred Qualifications
  • Certified AWS or Azure Solutions Architect.
  • Experience working in earlystage or highgrowth startup environments
  • DoD 85708140 compliant IAT2 (or willingness to obtain compliance within 3 months of hire)
  • Familiarity with GitLab, Google Workspace, and Slack
  • Strong interest in U.S. national security and missiondriven innovation
  • Expertise in control frameworks such as NIST RMF and FedRAMP
  • Perks & Benefits

    This role is fulltime. As a public benefit corporation, we’re a team of purposedriven trailblazers transforming the future of U.S. national security. We hire the best to do their best and, as such, we are committed to providing the perks and benefits you need to be successful—both in and outside the workplace.

    We offer you:

    Competitive Salary
    100% Healthcare, vision, and dental coverage
    401(k) + 3% company contribution
    Wellness perks (Fitness classes, mental health resources)
    Equity incentive plan
    Tech + office supplies stipend
    Annual professional development stipend
    Flexible paid time off + federal holidays off
    Parental leave
    Work from anywhere

    Referral Bonus: Visit our careers page to learn more.

    WHO WE ARE

    At Second Front Systems (2F), we equip defense and national security professionals for longterm, continuous competition for access to emerging technologies. Founded by two former U.S. Marines with firsthand experience of the dangers outdated technology poses in combat, our team is dedicated to fasttracking government access to disruptive, commerciallyproven technology for U.S. national security missions.

    Our Game Warden product, a fully managed and compliant DevSecOps platform, accelerates the process for accrediting software as a service (SaaS) applications for government use.

    Learn how 2F can help you make an impact on national security missions at www.secondfront.com

    ONE LAST THING…

    We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, disability status, genetic information, protected veteran status, or any other characteristic protected by law.


    Are you ready to join our team?

    To apply, click the “Apply for This Job” button at the top or bottom of this page and complete the application form.

    This position will remain open until filled, and applications will be reviewed on a rolling basis.

    STATE NOTICES

    Colorado:

    In accordance with Colorado law, applicants may redact their date of birth, dates of attendance, and dates of graduation from any uploaded documents.

    Maryland:

    UNDER MARYLAND LAW, AN EMPLOYER MAY NOT REQUIRE OR DEMAND, AS A CONDITION OF EMPLOYMENT, PROSPECTIVE EMPLOYMENT, OR CONTINUED EMPLOYMENT, THAT AN INDIVIDUAL SUBMIT TO OR TAKE A POLYGRAPH EXAMINATION OR SIMILAR TEST. AN EMPLOYER WHO VIOLATES THIS LAW IS GUILTY OF A MISDEMEANOR AND SUBJECT TO A FINE NOT EXCEEDING $100.
    •

    Required profile

    Experience

    Level of experience: Senior (5-10 years)
    Spoken language(s):
    English
    Check out the description to know which languages are mandatory.

    Hard Skills

    DevSecOpsAWS Cloud ServicesKubernetesCloud ComputingApplication Programming Interface (API)Compliance ManagementMicroservicesCI/CDInfrastructure as Code (IaC)Docker (Software)Microsoft AzureFedRAMPSlack (Software)gRPCGit (Version Control System)Google Workspace

    Other Skills

    • Teamwork
    • Communication
    • Problem Solving
    Are you interested?

    DevSecOps Engineer Related jobs

    See more DevSecOps Engineer jobs