DevSecOps Engineer

Job Summary

To support a leading government-focused technology organization, the remote DevSecOps Engineer (Vulnerability Management) will analyze and prioritize vulnerability findings, partner with engineering teams for remediation, and manage container security in a long-term contract position.

Key responsibilities

• Analyze and triage vulnerability findings, prioritizing remediation based on risk and operational impact
• Partner with engineering teams to remediate vulnerabilities through secure coding practices across React and NodeJS applications
• Manage and improve Kubernetes (EKS) security, including image scanning and workload hardening

Required qualifications

• Hands-on experience in AWS GovCloud with a strong understanding of cloud security and compliance requirements
• Expertise in Kubernetes security (EKS), including RBAC and container security best practices
• Experience remediating vulnerabilities in JavaScript-based applications, specifically React and NodeJS
• Familiarity with vulnerability management tools such as Tenable, Qualys, or Aqua
• Ability to communicate security findings clearly and translate them into actionable remediation tasks