Lead DevSecOps Engineer
Clearance Required: Top Secret
Location: On-Site, Pentagon, Washington, D.C.
Position Type: Full-Time
Company: VivSoft Technologies
About the company:
VivSoft is an emerging technology company that specializes in using modern technologies to solve our clients' toughest mission challenges. We are focused on Cloud, Enterprise DevSecOps, Artificial Intelligence, and Digital Customer Experience to drive mission-enabling digital transformation. Our passion is building mission-focused, open, scalable solutions. We are a diverse team of strategists, engineers, designers, and creators experienced in building high-performance software and AI factory accelerators by embracing automation.
Job Summary:
The DevSecOps Engineer Lead will provide technical leadership and hands-on expertise in the design, development, and implementation of secure and scalable CI/CD pipelines. This role focuses on driving secure software delivery across classified and unclassified environments.
Key Responsibilities:
- Lead the development and optimization of CI/CD pipelines using modern DevSecOps tooling.
- Implement Infrastructure-as-Code (IaC) to automate provisioning across multiple environments.
- Orchestrate containerized workloads using Kubernetes and Helm.
- Enforce automated security controls and compliance frameworks throughout the pipeline.
- Generate and manage Software Bill of Materials (SBOM) and support supply chain risk management (SCRM) initiatives.
- Ensure secure, consistent deployments across all enclaves (development, staging, production).
- Mentor DevSecOps team members and collaborate with developers, security analysts, and infrastructure engineers.
Required Qualifications:
- 7+ years of experience in DevOps, Site Reliability Engineering, or Infrastructure Engineering.
- 3+ years in a lead or architect role supporting DevSecOps implementation.
- Hands-on experience with Kubernetes, Docker, GitLab/GitHub Actions, Jenkins, or similar pipeline tools.
- Strong skills in Terraform, Ansible, or other IaC tools.
- Familiarity with NIST, DoD STIGs, or RMF requirements for secure environments.
- Experience generating and managing SBOMs (e.g., CycloneDX, SPDX).
- Understanding of software supply chain vulnerabilities and risk mitigation strategies.
Benefits:
- Comprehensive Medical, Dental, and Vision Plans (Healthcare benefits are 100% employer-paid for employees only)
- Life Insurance
- Paid Time Off (Flexible/Combined PTO, Bereavement Leave, 11 Company Paid Holidays)
- 401K Retirement Plan with employer match
- Professional Development Training Reimbursement
- Flexible/remote work schedules
Salary Range: $140-160k