Pioneering Evolution

Lead DevSecOps & Compliance Engineer

Pioneering Evolution, Arlington, Virginia, United States, 22201


POSITION DESCRIPTION: Pioneering Evolution is seeking a full-time, on-site Lead DevSecOps & Compliance Engineer to design, implement, and manage secure, scalable, and audit-ready deployment pipelines for a federal software platform. This high-impact, hands-on role focuses on DevSecOps execution, cloud security, and compliance, ensuring that traceability and security are embedded across the development lifecycle.

You will lead the design and execution of Azure-first deployment pipelines while supporting hybrid operations across both AWS and Azure GovCloud environments. Responsibilities include migrating production tools and workloads from AWS to Azure, supporting secure OpenAI service integrations, and ensuring compliance with federal mandates such as FIAR, NDAA, FedRAMP, and OQE.

This is a hands-on engineering role, not a management-only position. The successful candidate will demonstrate strong technical depth, practical experience in Azure and Kubernetes, and the ability to mentor others while executing mission-critical DevSecOps tasks.

U.S. Citizenship and an active Secret Clearance are required. This position is based in the Washington, D.C. metro area.

Responsibilities:

Azure Deployment & Migration
- Architect, implement, and maintain secure deployment pipelines in Azure DevOps for both single-instance VMs and Azure Kubernetes Service (AKS) clusters.
- Lead migration of production tools and services from AWS GovCloud (ECS, EC2, RDS, ECR, S3, IAM) to Azure GovCloud (AKS, VMs, Azure SQL/PostgreSQL, ACR, Blob Storage, Entra ID).
- Ensure hybrid compatibility for workloads requiring both AWS and Azure deployments.

DevSecOps Engineering & Compliance
- Integrate static/dynamic code analysis, CVE scanning, and SBOM generation into CI/CD workflows to secure the software supply chain.
- Harden containers and deployment artifacts following least-privilege and Zero Trust principles.
- Implement and manage secrets and credential hygiene using Azure Key Vault (and AWS Secrets Manager where applicable).
- Ensure deployment pipelines and infrastructure align with federal compliance frameworks (FIAR, NDAA, FedRAMP, OQE).

OpenAI & AI/ML Integration Support
- Support secure integration of Azure OpenAI Services and related cognitive services.
- Collaborate with AI/ML and backend engineers to enforce traceability, data security, and compliance for model inputs and outputs.

Collaboration & Mentorship
- Partner with developers, data engineers, and security teams to embed security throughout the SDLC.
- Lead reviews with a focus on auditability, security posture, and compliance readiness.
- Mentor junior engineers and promote DevSecOps best practices.

REQUIRED EXPERIENCE:

- Bachelor's degree in Computer Science, Software Engineering, Cybersecurity, or related field.
- 6+ years of hands-on DevSecOps, cloud security, or infrastructure engineering experience.
- Proven expertise with Azure GovCloud, including Azure DevOps, AKS, Azure Key Vault, ACR, and VMs.
- Experience migrating workloads from AWS GovCloud to Azure GovCloud.
- Strong background in OAuth2, OpenID Connect, and JWT-based authentication/authorization.
- Proficiency with Docker and Kubernetes-based deployments.
- U.S. Citizenship and an active Secret Clearance are required.

DESIRED EXPERIENCE:

- Certifications:
  - Microsoft Certified: Azure Security Engineer Associate (AZ-500) or Security Operations Analyst (SC-200)
  - Microsoft Certified: DevOps Engineer Expert (AZ-400)
  - CKA/CKS (Certified Kubernetes Administrator/Security Specialist)
  - CISSP (preferred for broader security credibility in federal contracts)
- Familiarity with .NET Core middleware development and API security (nice-to-have).
- Experience with policy-as-code frameworks (OPA, Gatekeeper) or infrastructure compliance tools.
- Familiarity with secure reverse proxy frameworks (e.g., YARP) or API gateways.
- Experience with observability and centralized logging platforms (OpenTelemetry, ELK, Azure Monitor).
- Understanding of Zero Trust architectures and service identity enforcement.
- Exposure to federal financial, compliance-driven, or audit-ready systems.

WHO WE ARE AND WHAT WE OFFER: In addition to competitive salaries and opportunities for professional development and advancement, our employees enjoy a comprehensive range of benefits. To keep pace with the changing needs of our employees, we continually evaluate benefit plans.

- Paid time off
- 10 paid holidays
- Medical insurance
- Dental insurance
- Vision insurance
- Legal assistance
- Company-paid life insurance and AD&D
- Company-paid long term and short-term disability insurance
- Tuition reimbursement
- 401(k) plan with company contribution