Cybersecurity / DevSecOps Engineer

Optimal Solutions & Technologies (OST, Inc.) is focused on excellence. We specialize in providing Management Consulting, Information Technology, and Research Development and Engineering services.

The fundamental distinction of the OST team is its business knowledge in both the public and private sectors. We serve the aerospace & transportation, association & nonprofit, defense, education, energy, financial, healthcare, and technology & telecommunications industries. OST is successful because we listen to our clients, we learn from our clients, and we know our clients.

Sr. Cybersecurity / DevSecOps Engineer

Description of specific duties in a typical workday for this position:

• The Sr. Cybersecurity / DevSecOps Engineer provides cybersecurity engineering and DevSecOps support to Government programs to ensure systems are designed, developed, deployed, and sustained with security embedded throughout the system lifecycle. On a typical day, the engineer integrates cybersecurity controls, automation, and continuous monitoring into development and operational environments to support secure, resilient, and compliant systems.
• Daily responsibilities include supporting the implementation of cybersecurity requirements in accordance with DoD and Federal policies; integrating security controls into CI/CD pipelines; and supporting secure software development practices. The role collaborates closely with systems engineers, developers, cloud architects, and program managers to ensure security requirements are addressed throughout system design, development, testing, deployment, and sustainment.
• Additional duties include supporting Risk Management Framework (RMF) activities; developing and maintaining security automation, scripts, and tools; supporting vulnerability scanning and remediation efforts; implementing identity and access management controls; and monitoring system security posture. The Cybersecurity / DevSecOps Engineer supports the preparation and review of cybersecurity documentation, technical artifacts, and compliance evidence and assists with security testing, validation, and accreditation activities. The role provides technical recommendations to improve system security, automation, and operational efficiency and supports continuous improvement of secure development and operations practices.

Requirements (Years of experience, Education, Certifications):

• Minimum of 10 years of experience supporting cybersecurity engineering, DevSecOps, or secure system development within a DoD, Federal, or enterprise environment
• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Engineering, or a related technical discipline
• Demonstrated experience with:
  
  
  
  • Secure software development and DevSecOps practices
  • CI/CD pipelines and automation tools
  • Risk Management Framework (RMF) or similar cybersecurity compliance frameworks
  • Vulnerability scanning and remediation
  • Security monitoring and incident response support
  • Cross-functional collaboration across development, operations, and security teams
  
  
  
  
• Active TS/SCI or Secret security clearance (required)

Nice to Have (skills that are not required, but nice to have):

• Experience supporting enterprise transformation, cloud-based systems, or digital modernization programs
• Familiarity with:
  
  
  
  • DevSecOps tools and platforms such as GitLab, Jenkins, GitHub, and Kubernetes
  • Cloud security architectures
  • NIST SP 800-series publications and RMF tools
  
  
  
  
• Industry certifications such as:
  
  
  
  • Security+, CISSP, CISM, or similar credentials
  • Cloud security or DevSecOps certifications
  
  
  
  

This is a full-time position paying a base salary, full benefits, and has possible bonus potential based on merit and performance. To be considered for this position, please apply online with a resume.

OST is an equal opportunity employer. Applicants are considered for positions without regard to race, religion, gender, native origin, age, disability, or any other category protected by applicable federal, state, or local laws.