Senior CI/CD Security Engineer (Top Secret)

A background of 6+ years in cloud/platform operations or related roles across diverse environments, or recently finishing their PhD in a technical field Develop and implement CI/CD pipelines, integrating security and compliance measures for continuous code deployment by API teams. Experience in working with GitLab preferred. Proficiency in script writing, irrespective of programming languages. Ability to manage infrastructure assets, encompassing networks, servers, operating systems, and databases. Knowledge of software packaging tools (.exe, .deb, .rpm, and Docker). Proficiency in version control tools such as Git, Subversion, and Mercurial. Experience in managing cloud providers, including AWS, GCP, and Azure. Familiarity with security, vulnerability, monitoring, and code coverage analytical tools. Full-stack experience covering both frontend and backend development. Strong background in API Development. Comfortable operating software in Linux environments. Solid understanding of algorithms, databases, and design patterns, with effective application. Excellent communication skills with a preference for a pair-programming environment. Proficient in Test-Driven Development (TDD) and agile methodologies. Strong facilitation skills. A degree (BA/BS) in Computer Science or a related field, or equivalent practical experience Must have an active "Top Secret" DoD clearance

Contribute to the design and implementation of CI/CD principles and frameworks that enhance software delivery performance, reliability, and security—embedding dependency analysis and SLSA compliance throughout the pipeline. Continuously review and refine CI/CD practices to improve efficiency, reliability, and supply chain security, including regular updates to dependency scanning and build provenance verification processes. Provide technical expertise in configuring, operating, and optimizing CI/CD tools and platforms (e.g., GitHub Actions, GitLab CI, Jenkins, ArgoCD), with a focus on secure build pipelines, artifact signing, and dependency management. Collaborate closely with product and platform teams to design and maintain pipeline configurations that ensure reproducible builds, integrity of software artifacts, and alignment with SLSA levels. Implement process automation to eliminate manual steps, integrating security controls such as static and dynamic analysis, dependency scanning, and signed artifact verification directly into CI/CD workflows. Maintain close communication with product teams to understand their build and deployment needs, ensuring pipelines deliver a seamless, automated, and secure path from source code to production.