Senior Security Automation Engineer (DevSecOps)

Job Description

Job Description

What You’ll Be Building

You’ll help design and implement a modern security automation platform, including:

• Compliance-as-Code (STIG, CIS, ISO 27001 controls enforced programmatically)
• Immutable, hardened Linux images built through container workflows
• CI/CD pipelines with embedded security gates (GitLab)
• Automated vulnerability management pipelines (scan → triage → remediate → verify)
• Infrastructure-as-Code for security tooling and scanning platforms

This isn’t maintenance work—this is greenfield engineering.

Why This Work Matters

Your code will secure CT-based screening systems deployed globally across:

• Airports
• Border control
• Critical infrastructure

These systems operate in regulated, high-security environments where failures have real-world consequences.

You’re not just building pipelines—you’re protecting national infrastructure at scale.

What You’ll Do

• Build and maintain Ansible-based hardening frameworks (DISA STIG, OpenSCAP)
• Engineer secure CI/CD pipelines with enforced security gates
• Create container-based OS images that pass compliance pre-deployment
• Develop Terraform-managed security infrastructure (Tenable, OpenSearch, Grafana)
• Automate vulnerability remediation pipelines
• Replace manual audit prep with continuous compliance and auto-generated evidence
• Map technical controls directly to ISO 27001 requirements

Tech You’ll Work With

• Ansible, Terraform, GitLab CI/CD
• Linux (RHEL/CentOS ecosystem)
• Containers (Docker/Podman, image pipelines)
• Vulnerability scanning (Tenable/Nessus/OpenVAS)
• OpenSCAP, STIG, CIS benchmarks
• OpenSearch / Grafana

What We’re Looking For

• Experience in DevOps, SRE, or security engineering
• Strong automation mindset—you eliminate manual processes
• Hands-on with infrastructure-as-code and CI/CD pipelines
• Comfortable working in Linux-heavy, production environments
• Experience (or strong interest) in security automation and compliance engineering

What Makes This Different

• Greenfield opportunity – build systems from scratch, not maintain legacy
• Engineering-first security – automation over documentation
• Real-world impact – security that protects global infrastructure
• Cross-functional influence – partner with engineering, cybersecurity, and platform teams
• Modern stack – CI/CD, containers, IaC, and compliance automation

Bottom Line

If you’re a DevOps or SRE engineer who moved into security—or a security engineer who writes real code—this is an opportunity to build something modern, meaningful, and scalable.