AWS DevSecOps Security Sr Principal

Any Location | Full-time | Posted Jun 29, 2026

Type of Requisition:

Regular

Clearance Level Must Currently Possess:

None

Clearance Level Must Be Able to Obtain:

None

Public Trust/Other Required:

BI Full 6C (T4)

Job Family:

Software Engineering

Job Qualifications:

Skills:

AWS Cloud Computing, Cloud Computing, Cloud Development

Certifications:

None

Experience:

8+ years of related experience

US Citizenship Required:

No

Job Description:

The CMM AWS DevSecOps Security Sr Principal will work as part of an agile development team to build and support the modernization of enterprise-class software applications.

The AWS DevSecOps Security Sr Principal will be a specialist in GitLab CI/CD, responsible for integrating automated security controls throughout the CI/CD pipeline and SDLC, for compliance validation, and for secure software supply chain protections throughout the AOUSC CI/CD ecosystem. This role serves as the technical lead for secure Infrastructure as Code (IaC), policy-as-code enforcement, container security, pipeline security, software composition analysis, and continuous vulnerability management within AWS-native development environments.

The role ensures all DevSecOps pipelines, infrastructure deployments, containerized workloads, and application releases align with JISF controls, Security Assessment Plan requirements, secure coding standards, and continuous ATO readiness objectives. The engineer embeds automated security validation directly into GitLab CI/CD workflows to enforce security-by-design and prevent non-compliant deployments.

This role additionally supports secure Kubernetes and container orchestration, automated SAST/DAST/SCA scanning, SBOM generation, IaC scanning, runtime security monitoring, and security automation orchestration across all environments.

In addition, the AWS DevSecOps Security Sr Principal will execute the following responsibilities:

  • Design and implement secure GitLab CI/CD pipelines with integrated SAST, DAST, SCA, IaC scanning, and secrets detection
  • Perform vulnerability management by supporting remediation of SAST/DAST/SCA findings
  • Implement automated policy-as-code validation using Terraform
  • Develop secure Infrastructure as Code standards for AWS environments
  • Integrate CNAPP/CSPM/CWPP tooling into CI/CD workflows
  • Implement container image scanning and Kubernetes runtime protection
  • Perform continuous vulnerability scanning across code repositories, containers, APIs, and infrastructure
  • Implement automated rollback and remediation workflows
  • Harden Kubernetes clusters, Docker environments, and runtime configurations
  • Develop secure secrets management integration patterns using AWS Secrets Manager and KMS
  • Implement IaC drift detection and compliance enforcement
  • Develop DevSecOps operational standards and pipeline governance procedures
  • Automate evidence collection from CI/CD security tools for ATO support
  • Configure canary deployment and secure release validation workflows
  • Support vulnerability remediation coordination with development teams
  • Maintain DevSecOps metrics dashboards and reporting
  • Support penetration testing remediation activities
  • Provide secure coding guidance aligned to OWASP standards

REQUIREMENTS

  • Education: Technical Training, Certification(s), or Degree required; MA/MS preferred. Experience may be considered in lieu of preferred degree as follows: HS (16+ years), AA/AS (14+ years), BA/BS (12+ years), Doctorate Degree/Ph.D. (9+ years)
  • 8+ years DevSecOps security experience required; 10+ years of general experience in information systems preferred
  • 5+ years AWS cloud security engineering experience
  • 5+ years CI/CD security integration experience
  • Experience with IaC security and Terraform
  • Experience implementing SAST/DAST/SCA tooling
  • Experience supporting federal RMF/ATO programs
  • Experience integrating telemetry into SIEM platforms
  • Experience supporting secure Agile delivery environments
  • Strong analytical, documentation, communication, and cross-functional coordination skills.

Certifications

  • AWS Certified DevOps Engineer – Professional - must possess or be able to obtain within 180 days of hire
  • Certified Kubernetes Security Specialist (CKS) - must possess or be able to obtain within 180 days of hire

Security Clearance Level: Must be able to pass a background check to obtain a position of Public Trust

Must be a US Person

GDIT IS YOUR PLACE
At GDIT, the mission is our purpose, and our people are at the center of everything we do.

● Growth: AI-powered career tool that identifies career steps and learning opportunities
● Support: An internal mobility team focused on helping you achieve your career goals
● Rewards: Comprehensive benefits and wellness packages, 401K with company match, and competitive pay and paid time off
● Flexibility: Full-flex work week to own your priorities at work and at home
● Community: Award-winning culture of innovation and a military-friendly workplace

OWN YOUR OPPORTUNITY
Explore a career in software development at GDIT and you’ll find endless opportunities to grow alongside colleagues who share your dedication to advancing innovation.


The likely salary range for this position is $136,000 - $184,000. This is not, however, a guarantee of compensation or salary. Rather, salary will be set based on experience, geographic location and possibly contractual requirements and could fall outside of this range.

Scheduled Weekly Hours:

40

Travel Required:

Less than 10%

Telecommuting Options:

Remote

Work Location:

Any Location / Remote

Additional Work Locations:

Total Rewards at GDIT:

Our benefits package for all US-based employees includes a variety of medical plan options, some with Health Savings Accounts, dental plan options, a vision plan, and a 401(k) plan offering the ability to contribute both pre and post-tax dollars up to the IRS annual limits and receive a company match. To encourage work/life balance, GDIT offers employees full flex work weeks where possible and a variety of paid time off plans, including vacation, sick and personal time, holidays, paid parental, military, bereavement and jury duty leave. GDIT typically provides new employees with 15 days of paid leave per calendar year to be used for vacations, personal business, and illness and an additional 10 paid holidays per year. Paid leave and paid holidays are prorated based on the employee’s date of hire. The GDIT Paid Family Leave program provides a total of up to 160 hours of paid leave in a rolling 12 month period for eligible employees. To ensure our employees are able to protect their income, other offerings such as short and long-term disability benefits, life, accidental death and dismemberment, personal accident, critical illness and business travel and accident insurance are provided or available. We regularly review our Total Rewards package to ensure our offerings are competitive and reflect what our employees have told us they value most.

 

 


Our Identity Verification Process:

As part of the hiring process, we will ask you to complete an identity verification process that leverages advanced biometrics and artificial intelligence to ensure authenticity and protect against identity fraud. You are expected to be on camera during virtual interviews. We reserve the right to take your picture to verify your identity and prevent fraud. By proceeding, you authorize the collection, processing, and use of your biometric data for identity verification and security purposes.

 

 

About Our Work:

We are GDIT. A global technology and professional services company that delivers consulting, technology and mission services to every major agency across the U.S. government, defense and intelligence community. Our 26,000 experts extract the power of technology to create immediate value and deliver solutions at the edge of innovation. We operate across 50 countries worldwide, offering leading capabilities in digital modernization, AI/ML, Cloud, Cyber and application development. Together with our clients, we strive to create a safer, smarter world by harnessing the power of deep expertise and advanced technology.

Join our Talent Community to stay up to date on our career opportunities and events at gdit.com/tc.

Equal Opportunity Employer / Individuals with Disabilities / Protected Veterans
