Principal DevSecOps Engineer (Security Automation & ATO Lead)

Zaden Technologies, Inc.Huntsville, AL, United States

job_description.job_card.variable_hours_ago

serp_jobs.job_preview.job_type

serp_jobs.job_card.full_time

job_description.job_card.job_description

About Zaden Technologies, Inc.

Join Zaden Technologies on our mission to simplify the delivery and improve the utility of software products for our customers. At Zaden, we believe that our employees are our greatest assets. We hire the right candidates with the right skill sets who fit our culture of customer obsession, innovation, and continuous learning. We are our customers biggest advocate and we are looking for like-minded individuals who encompass these same ideals. It is important to us to offer you competitive pay and comprehensive benefits with opportunities that match your life and propel your career!

Zaden Technologies is seeking a Principal DevSecOps Engineer to lead security and accreditation activities for our defense programs. This role focuses on automation-driven security controls, RMF / ATO ownership, and DevSecOps compliance aligned with DoD DevSecOps Reference Design and Cloud SRG requirements. The ideal candidate will drive security automation across container pipelines, lead Authority to Operate processes, and ensure compliance with DoD security standards in support of critical defense systems.

Role Responsibilities :

Lead Risk Management Framework (RMF) and Authority to Operate (ATO) activities, including POA&Ms, security control tailoring, and evidence package development
Automate container and pipeline hardening using Iron Bank, STIG / CIS baselines, SBOM generation, and image signing
Define and enforce CUI / NIST 800-171 safeguards across build and runtime environments
Implement policy-as-code frameworks (OPA / Gatekeeper) and integrate security scanning into CI / CD pipelines
Partner with prime contractor and government stakeholders to meet Cloud SRG IL4 / IL5 requirements
Troubleshoot complex security and infrastructure issues across multi-cloud environments
Develop and maintain security automation scripts and tooling to reduce manual effort
Provide technical leadership and mentorship to junior team members on security best practices

Required Qualifications :

U.S. Citizenship and ability to obtain a security clearance

8+ years of experience in cybersecurity or DevSecOps roles, preferably in DoD environments

Proven experience leading RMF / ATO activities for Secret or TS systems at IL4 or higher

Deep expertise in container security including Kubernetes, Helm, image scanning / signing, and SBOM generation

Experience with Risk Management Framework (RMF) and NIST 800-171 requirements

Strong troubleshooting and problem-solving skills in complex technical environments

Self-starter with strong self-organizing capabilities and ability to work independently

Experience administering Linux systems, ideally RHEL and RHEL-based distributions

Preferred Qualifications :

Active security clearance (Secret or higher)

Familiarity with DoD Security Requirements Guide (SRG) and DoD DevSecOps Reference Design

Hands-on experience implementing Authority to Operate (ATO) processes in DoD programs

Experience with DSOP Container Hardening Guide and NIST 800-53 controls

Experience with Red Hat Enterprise Linux (RHEL) administration

Familiarity with Windows environments and Azure Virtual Desktop (AVD)

Experience with policy-as-code tools such as Open Policy Agent (OPA) or Gatekeeper

Knowledge of Cloud Security Requirements Guide (SRG) IL4 / IL5 compliance requirements

What we offer :

Robust startup environment with a variety of projects to work on

Growth paths and endless opportunities to learn and develop

Paid holidays

Employer contributions toward 401k

Performance-based bonus and profit-sharing

50% coverage of health insurance for employees and their dependents

PIf7368e181191-31181-38720778

serp_jobs.job_alerts.create_a_job

Principal Security Engineer • Huntsville, AL, United States