Job Requirements
Tampa, FL
Intel Agency (NSA, CIA, FBI, etc) Polygraph Unspecified
Career Level not specified
Salary not specified
Job Description
The Opportunity
We are seeking a DevSecOps Engineer with deep Kubernetes expertise to design, implement, and maintain secure, scalable cloud-native platforms. This role bridges development, security, and operations to embed security throughout the software delivery lifecycle while enabling high-velocity engineering teams.
Key Responsibilities (Principal Duties and Accountabilities *Essential Functions)
Platform & Infrastructure
Design, provision, and maintain production Kubernetes clusters (RKE2 / EKS / GKE / AKS) across cloud and on-premises environments
Manage cluster lifecycle: upgrades, node pool scaling, multi-tenancy, and namespace governance
Implement and maintain CNI solutions (Calico, Cilium, Multus) including advanced networking topologies such as macvlan and SR-IOV
Operate GitOps workflows (e.g., ArgoCD) for declarative, auditable cluster state management
Develop and maintain Helm charts for platform and application services
DevSecOps & CI/CD
Build and maintain CI/CD pipelines in GitLab CI (and/or GitHub Actions) with integrated security scanning and artifact signing
Integrate SAST, DAST, SCA, and container image scanning (Trivy, Grype, Semgrep) into pipeline gates
Implement supply-chain security controls: SBOM generation, cosign image signing, and Sigstore policy enforcement
Automate OS image builds using Packer (QEMU, vSphere) targeting RHEL, AlmaLinux, Debian/Ubuntu, and Windows
Manage secrets at scale using Vault, External Secrets Operator, or equivalent solutions
Security & Compliance
Enforce runtime security through admission controllers (Kyverno / OPA Gatekeeper), Pod Security Standards, and network policies
Own vulnerability management processes including scheduled scanning, triage, and remediation SLAs
Support compliance initiatives (SOC 2, FedRAMP, NIST 800-53) by maintaining audit-ready infrastructure-as-code and evidence artifacts
Conduct threat modeling and security architecture reviews for new platform capabilities
Respond to and lead post-mortems for security incidents and infrastructure outages
Observability & Reliability
Deploy and operate observability stacks: Prometheus, Grafana, Loki, and OpenTelemetry collectors
Define and track SLOs/SLAs; build alerting and on-call runbooks to drive reliability improvements
Implement cost observability and right-sizing workflows for cloud and on-prem workloads
Collaboration & Developer Enablement
Partner with development teams to design deployment patterns, resource quotas, and autoscaling strategies
Produce clear documentation, runbooks, and internal training materials for platform capabilities
Mentor junior engineers and participate in architecture decision records (ADRs)
- Fluency in English (written and spoken)
- Must meet eligibility requirements to obtain US Security clearance
- Active US Security clearance preferred.