International Logic Systems, Inc.
DevSecOps Cybersecurity Architect
International Logic Systems, Inc., Fairfax, Virginia, United States, 22032
ILS Inc. is seeking an experienced Development Security and Operations (DevSecOps) Cybersecurity Architect to drive the secure design, development, and deployment of enterprise IT systems for a federal program. This role is critical in integrating security into every stage of the software development lifecycle (SDLC) and DevOps pipeline, ensuring compliance with federal cybersecurity requirements (NIST 800-53, FedRAMP).
This position requires on-site presence two days per week at our Fairfax, VA headquarters. MUST BE LOCAL TO DC METRO AREA (hybrid support: 2 days in the ILS HQ office, located in Fairfax, VA 22033). Must be able to work as a W2 employee; no C2C.
Responsibilities
Develop a comprehensive roadmap and implementation plan for achieving Continuous Authorization to Operate (cATO), including integration with DevSecOps pipelines and compliance processes.
Architect and develop secure DevSecOps practices, embedding security into CI/CD pipelines and development workflows.
Design and maintain cybersecurity architecture strategies aligned with federal and program security objectives.
Collaborate with development, operations, and security teams to design automation-driven security controls across application and infrastructure layers.
Evaluate, recommend, and implement tools that enhance the organization’s security posture.
Serve as the primary security point of contact for assigned federal information systems throughout the DevSecOps Life Cycle.
Ensure compliance with NIST 800-53, FedRAMP, and agency-specific cybersecurity frameworks.
Implement tools and processes for supply chain management such as SBOM management, container security and scanning.
Coordinate with system owners, engineers, developers, and external stakeholders to implement security controls and remediation strategies.
Requirements
Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
5+ years of cybersecurity or information security experience, with hands-on experience in secure software development or DevSecOps.
Strong knowledge of NIST SP 800-53, FedRAMP, and RMF processes.
Experience with containerization and cloud-native security (Docker, Kubernetes/EKS, ECS/Fargate).
Familiarity with security automation and scanning tools (e.g., Snyk, Twistlock, SonarQube, Nessus, Qualys).
Experience preparing and maintaining ATO packages and supporting Continuous Monitoring (ConMon).
Excellent technical documentation, communication, and leadership skills.
Preferred Skills
Professional certifications such as CISSP, CISM, CAP, or Security+.
Experience using eMASS, CSAM, or other compliance management platforms.
Understanding of cloud security controls in AWS, Azure, or GCP environments.
Strong background in supply chain security, SBOM management, and zero-trust architecture.
Experience supporting federal applications and mission-critical environments.