<p>Kforce's client, a leading engineering technology company in Orem, UT, is looking a DevSecOps Engineer. This company designs and manufactures advanced electro-mechanical systems for defense and aerospace applications. Their innovative products-from secure communication devices to autonomous platforms-help keep military personnel safe, connected, and informed. The DevSecOps Engineer will embed security into rapid development cycles and ensure the resilience of mission-critical systems from design through deployment. This is a full onsite position.</p> <p>Summary: As a DevSecOps Engineer, you will be a key member of the engineering team, bridging development, security, and operations across cloud, software, hardware, and embedded systems. You will champion the concept of -security as code-, automating security controls and processes so products are secure by default-not as an afterthought. This position will lead efforts to achieve Authority to Operate (ATO) through DoD standards and play a critical role in securing systems from inception to delivery.</p> <p>Key Responsibilities:</p> <ul> <li>Design and manage secure CI/CD pipelines </li><li>Integrate automated security testing and implement Infrastructure as Code (IaC) for secure provisioning </li><li>Secure containerized applications and orchestration platforms (Docker, Kubernetes) </li><li>Ensure compliance with defense standards: RMF, CMMC, NIST 800-53/171 </li><li>Implement security monitoring and incident response processes </li><li>Collaborate closely with engineering and software teams* Bachelor's degree in a technical field or equivalent experience </li><li>Certifications: Security+, CISSP (preferred) </li><li>3+ years in DevSecOps, DevOps, or Security Engineering </li><li>Cloud infrastructure (AWS or other providers), including EC2, Elastic IPs, backup/data retention automation </li><li>CI/CD tools (GitLab), containerization (Docker), orchestration (Kubernetes) </li><li>Linux OS experience </li><li>Familiarity with IaC tools and security best practices </li><li>Compliance knowledge: NIST, POA&M, STIGs; DoD frameworks (PlatformOne), CMMC/NIST 800-171 </li><li>Visa sponsorship is not available for this position </li><li>Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information </li><li>Ideal candidates may also come from other government agencies or federally regulated environments </li></ul> <p>Desired Skills:</p> <ul> <li>Imaging tools (Ghost, Fog) </li><li>Networking background (ZeroTier, Tailscale) </li><li>Familiarity with embedded systems </li><li>Scripting proficiency (Python, Bash) is a plus </li></ul>