DevSecOps Engineer

Overview

The DevSecOps Engineer supports the planning, analysis, and implementation activities required to migrate federal government applications into the CyberArk Privileged Access Management (PAM) platform. This role is responsible for providing technical insight into current-state application environments, validating implementation feasibility, identifying dependencies and operational constraints, and supporting the development of technical requirements and migration documentation.

The engineer collaborates closely with Solution Architects, application teams, infrastructure teams, database administrators, cloud engineers, and cybersecurity stakeholders to analyze how applications currently use privileged accounts, credentials, and secrets. Responsibilities include evaluating service account usage, assessing the impact of credential management changes, identifying integration requirements, and supporting the documentation of system behaviors and operational dependencies associated with CyberArk onboarding activities.

This role requires strong technical troubleshooting skills, familiarity with DevSecOps practices, and an understanding of application authentication, credential management, infrastructure automation, and enterprise security controls. The engineer will help ensure alignment across systems and environments while supporting the successful migration of service accounts, application accounts, database accounts, and secrets into CyberArk and AWS Secrets Manager.

The DevSecOps Engineer will participate in technical discovery sessions, support requirements analysis activities, review Jira epics and user stories for technical feasibility and consistency, and assist implementation teams throughout the project lifecycle. Success in this role requires strong analytical skills, effective communication abilities, attention to detail, and the ability to collaborate across multiple technical teams within a federal government environment.

Key Functions

• Analyze current-state application environments to identify how service accounts, application accounts, database accounts, and secrets are currently used and managed.
• Review application architectures, authentication methods, scripts, integrations, and operational processes to determine impacts associated with migrating accounts into CyberArk.
• Assess technical feasibility, system dependencies, operational constraints, and integration requirements related to CyberArk onboarding activities.
• Support requirements gathering and technical discovery sessions with application, infrastructure, security, and cloud engineering teams.
• Identify and document technical impacts associated with credential rotation, password management changes, and privileged access policy updates.
• Evaluate service account usage across applications and identify required changes to support CyberArk-managed credentials.
• Support the development and maintenance of technical documentation, architectural diagrams, process flows, and implementation guidance.
• Assist in documenting account inventories, onboarding requirements, safe mappings, access models, and integration dependencies.
• Review Jira epics, features, and user stories for technical feasibility, completeness, and consistency across systems.
• Collaborate with development and infrastructure teams to validate implementation approaches and ensure alignment across environments.
• Support testing, troubleshooting, and validation activities associated with CyberArk integration and credential migration efforts.
• Coordinate with cloud engineering teams regarding AWS Secrets Manager integrations and hybrid secret management approaches.
• Assist in identifying risks, blockers, and operational considerations associated with migration activities.
• Maintain positive working relationships with federal clients, delivery teams, and technical stakeholders while supporting mission-critical systems.

Minimum Qualifications

• Bachelor’s degree and 1 year of relevant experience.
• An additional 2 years of experience with an Associate’s Degree.
• An additional 4 years of experience with a high school diploma.
• Experience supporting DevSecOps, infrastructure engineering, application support, or system administration activities in enterprise environments.
• Basic understanding of privileged access management (PAM), credential management, or cybersecurity best practices.
• Experience analyzing application configurations, service accounts, authentication methods, or infrastructure dependencies.
• Experience supporting technical documentation and requirements analysis activities.
• Familiarity with cloud environments and secret management solutions such as AWS Secrets Manager.
• Familiarity with scripting, automation, CI/CD pipelines, or infrastructure automation concepts.
• Strong analytical and problem-solving skills.
• Excellent verbal and written communication skills.
• Strong attention to detail and organizational skills.
• Ability to shift focus between competing priorities in a fast-paced environment.
• Ability to work collaboratively across technical and operational teams.

Preferred Qualifications or Skills

• Experience supporting CyberArk or other Privileged Access Management (PAM) platforms.
• Experience supporting federal government systems or environments.
• Experience supporting Public Trust or other federal security compliance requirements.
• Familiarity with AWS cloud services and security best practices.
• Experience using Jira and Confluence.
• Familiarity with DevSecOps and Agile delivery methodologies.
• Experience supporting application modernization or cybersecurity modernization initiatives.
• Basic understanding of credential rotation, RBAC, and enterprise authentication concepts.