SR International
Senior DevSecOps Engineer (Local/Non-Locals – Hybrid)
SR International, Harrisburg, Pennsylvania, US, 17124
Job Title: Senior DevSecOps Engineer (Local/Non-Locals – Hybrid)
Job Code: PA 777897
Location: Mechanicsburg, PA (Hybrid – 60% Remote / 40% Onsite)
Contract Duration: Until 06/30/2026
Work Hours: 8 AM – 5 PM (1-hour lunch)
Position Overview: The Commonwealth of PA – PSDC (Public Safety Delivery Center) is seeking a Senior DevSecOps Engineer to join the PSDC Solutions Management group. This hybrid role requires hands-on experience with AWS security automation, CI/CD pipeline hardening, and compliance enforcement. Local candidates are preferred, but non-locals willing to relocate are encouraged to apply.
Work Location: Hybrid with two days onsite at 1920 Technology Parkway, Mechanicsburg, PA 17050. Candidates must be onsite on the first day to pick up Commonwealth-issued equipment, complete badging, and fulfill compliance requirements.
Eligibility: Candidates must successfully pass PATCH and PSDC/CJIS background checks, including fingerprinting.
Pre-Screen Questions:
This position requires an in-depth background check, including fingerprinting. Do you accept this requirement?
Where do you currently reside?
Role Summary: The Senior DevSecOps Engineer will:
Build secure-by-default AWS CDK constructs and CloudFormation templates.
Integrate templates into CI/CD pipelines with SAST, SCA, IaC, container, and secret scanning gates.
Enforce compliance aligned to CJIS and NIST 800-53 standards.
Provide Terraform equivalents where required.
Generate auditor-ready artifacts and evidence exports.
Responsibilities:
Author and maintain AWS CDK constructs, CloudFormation templates, and Terraform modules.
Implement AWS Config conformance, Security Hub standards, and GuardDuty routing in reference accounts.
Wire scanning in CI/CD for application code, containers, and IaC.
Create reusable GitHub Actions and Azure DevOps templates with enforcement gates.
Generate posture and evidence reports mapped to CJIS and NIST controls.
Coach pilot teams and escalate gaps to enterprise teams for organization-level enforcement.
Required Skills & Experience:
5+ years AWS security automation and DevOps experience
Strong AWS CDK and CloudFormation skills; working proficiency in Terraform
CI/CD authoring experience in GitHub Actions and Azure DevOps
Proficient in Python and Bash, with PowerShell for Windows automation
Able to read Java and C# to integrate and tune SAST/SCA tools
Practical knowledge of CJIS and NIST 800-53 control families and how to automate compliance checks
Nice-to-Have Skills:
EKS/ECS/Lambda hardening patterns
OPA/Conftest, Checkov, Trivy, Inspector, CodeQL or equivalent
Basic Azure security automation
Decision Rights: The role has independent design and build authority within standards, proposes guardrails and reference patterns, and escalates enterprise-wide changes as needed.
Primary Skills: NIST, Python, SAST, SCA, IaC, AWS CDK, CJIS, GuardDuty routing, CI/CD authoring, AWS security automation, DevOps, Bash, PowerShell, NIST 800-53
Flexible work from home options available.