Job Description

Everforth ECS is seeking a Senior Artifact Scanning & Policy Engineer to work in the National Capital Region covering the Pentagon, Falls Church, and Fairfax.

Please Note: This position is contingent upon contract award.

The War Data Platform (WDP) is a key initiative within the U.S. Department of War's (DoW) AI-First strategy introduced in early 2026. The WDP focuses on operational warfighting data and aims to accelerate the deployment of artificial intelligence (AI) on the battlefield. The WDP extends to Unclassified, Secret, and Top Secret environments, and supports collaboration between Combatant Commands, Joint Staff directorates, Senior Executive Service leaders, and operational analysts.

This role implements scanning stages and policy-as-code enforcement for AI and machine-learning serving artifacts within WDP Core Integration deployment pipelines, maintaining enclave-parity scanning standards and supply-chain integrity across Unclassified, SIPR, and JWICS environments to protect mission-critical AI model deployments from vulnerability and configuration risk.

• Implements scanning stages and policy-as-code enforcement for artificial intelligence and machine-learning serving artifacts within unclassified War Data Platform (WDP) Core Integration deployment pipelines supporting Department of War missions, Joint Staff analysts, Combatant Command elements, and Senior Executive Service leadership.
• Develops scanning logic, rule sets, and enforcement patterns that validate artifact integrity, security posture, dependency provenance, and configuration compliance prior to deployment.
• Applies Kubernetes, GitLab Continuous Integration, SonarQube, Tenable Nessus, Elastic Stack, VMware environments, and hardened artifact repositories to execute vulnerability assessments, integration checks, and policy-driven gating actions.
• Conducts rule tuning, signature refinement, and policy updates to maintain alignment with evolving mission assurance requirements, cross-domain security architectures, and enterprise DevSecOps standards.
• Maintains higher-domain parity for scanning and policy enforcement across SIPR and JWICS enclaves by adapting rule sets, resolving enclave-specific constraints, and coordinating exception-handling workflows with multi-national engineering teams and cross-service mission partners.
• Produces mission-critical deliverables, including scanning policy documentation, policy-as-code modules, exception-handling records, vulnerability disposition reports, operational risk assessments, and deployment-readiness artifacts.
• Strengthens program value by advancing supply-chain integrity, reinforcing deployment consistency, and supporting continuous release operations across all enclaves.
• Supports Tier-4 incident-response actions by providing authoritative scanning evidence, policy-compliance documentation, and remediation guidance required for operational continuity and sustained mission performance.
• Performs other duties as assigned.

Required Skills

• Current Secret security clearance with the ability to obtain and maintain a Top Secret (TS) security clearance.
• CompTIA A+ certification.
• Minimum 10 years of experience implementing artifact scanning frameworks, policy-as-code enforcement, and DevSecOps pipeline security controls within classified or federal multi-enclave environments.
• Demonstrated hands-on experience with vulnerability-scanning and pipeline-security tools, including Kubernetes, GitLab CI, SonarQube, and Tenable Nessus, with a proven ability to develop rule sets, tune signatures, and enforce policy-driven gating actions across AI/ML artifact deployment pipelines.
• Proven ability to maintain enclave-parity scanning and policy enforcement across NIPRNet, SIPRNet, and JWICS, including experience adapting rule sets to resolve enclave-specific constraints and managing exception-handling workflows in collaboration with multi-national engineering partners.
• Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
• Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).

Desired Skills

• Active Top Secret (TS) security clearance.
• Prior experience working within Platform One or Cloud One environments, including familiarity with BigBang DevSecOps factory frameworks, hardened artifact packaging standards, and pipeline compliance thresholds relevant to DoW software-factory operations.
• Demonstrated expertise in Software Bill of Materials (SBOM) generation and Supply Chain Risk Management (SCRM) practices, including evaluation of open-source and commercial software components for provenance risk and generation of compliance artifacts in support of formal government authorization packages.
• Experience integrating observability platforms, such as Elastic Stack or Prometheus, into scanning pipeline workflows to enable real-time visibility into policy-gate behavior, vulnerability disposition trends, and deployment-readiness metrics.
• Familiarity with Body-of-Evidence (BOE) artifact management and DoW Risk Management Framework (RMF) processes, including the ability to generate and maintain scanning evidence that supports continuous authorization and POA&M adjudication activities.

ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis of any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.

is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies. Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.

We value:
• Attracting and developing top talent and high-performing teams
• Fostering a culture that is engaging, accountable, and mission-driven