DevSecOps Engineer
$55 - $73.50/hr
Software Composition Analysis (SCA) * Secrets Management and Scanning Tools Review vulnerability findings and collaborate with development teams to remediate issues. Implement automated security ...
$55 - $73.50/hr
Software Composition Analysis (SCA) * Secrets Management and Scanning Tools Review vulnerability findings and collaborate with development teams to remediate issues. Implement automated security ...
$55 - $73.50/hr
Software Composition Analysis (SCA) * Secrets Management and Scanning Tools Review vulnerability findings and collaborate with development teams to remediate issues. Implement automated security ...
Morrisville, NC · On-site
Software Composition Analysis (SCA) * Secrets Management and Scanning Tools • Review vulnerability findings and collaborate with development teams to remediate issues. • Implement automated ...
Morrisville, NC · On-site
Software Composition Analysis (SCA) * Secrets Management and Scanning Tools • Review vulnerability findings and collaborate with development teams to remediate issues. • Implement automated ...
Software Composition Analysis (SCA) * Secrets Management and Scanning Tools • Review vulnerability findings and collaborate with development teams to remediate issues. • Implement automated ...
Software Composition Analysis (SCA) * Secrets Management and Scanning Tools • Review vulnerability findings and collaborate with development teams to remediate issues. • Implement automated ...
Raleigh, NC · On-site
$111K - $152K/yr
Interpret and triage findings from network scanners, Cloud Security Posture Management (CSPM), Software Composition Analysis (SCA), and Static Application Security Testing (SAST). * Provide ...
Raleigh, NC · On-site
$111K - $152K/yr
Interpret and triage findings from network scanners, Cloud Security Posture Management (CSPM), Software Composition Analysis (SCA), and Static Application Security Testing (SAST). * Provide ...
Cary, NC · On-site
$130K - $180K/yr
Preferred experience with Software defined radio architectures (SCA, REDHAWK, or GNU), commercial wireless standards, geolocation techniques, software configuration management tools (GIT), Python ...
Cary, NC · On-site
$130K - $180K/yr
Preferred experience with Software defined radio architectures (SCA, REDHAWK, or GNU), commercial wireless standards, geolocation techniques, software configuration management tools (GIT), Python ...
$130K - $180K/yr
Preferred experience with Software defined radio architectures (SCA, REDHAWK, or GNU), commercial wireless standards, geolocation techniques, software configuration management tools (GIT), Python ...
$130K - $180K/yr
Preferred experience with Software defined radio architectures (SCA, REDHAWK, or GNU), commercial wireless standards, geolocation techniques, software configuration management tools (GIT), Python ...
Raleigh, NC · On-site
$51.25 - $70.25/hr
... SCA, DAST, SAST and WIZ.IO Drive AWS cost optimization through right‑sizing, automation, and cost‑management tooling Required Qualifications 5+ years of experience in DevOps, SRE, or Cloud ...
Quick apply
Raleigh, NC · On-site
$51.25 - $70.25/hr
... SCA, DAST, SAST and WIZ.IO Drive AWS cost optimization through right‑sizing, automation, and cost‑management tooling Required Qualifications 5+ years of experience in DevOps, SRE, or Cloud ...
Kittrell, NC · On-site
$17.20/hr
Public Service Loan Forgiveness (PSLF) Eligible Employer Service Contract Act (SCA) Position Hourly Rate: $17.20 Duties and Responsibilities * The General Clerk II reports to the Education & Training ...
Kittrell, NC · On-site
$17.20/hr
Public Service Loan Forgiveness (PSLF) Eligible Employer Service Contract Act (SCA) Position Hourly Rate: $17.20 Duties and Responsibilities * The General Clerk II reports to the Education & Training ...
DE analyzing Common Vulnerability Exposure (CVE) on third party libraries, using Veracode SCA, MEND, Exploit-DB, and NVD databases; and coordinating actions associated with the dismissal or reopening ...
DE analyzing Common Vulnerability Exposure (CVE) on third party libraries, using Veracode SCA, MEND, Exploit-DB, and NVD databases; and coordinating actions associated with the dismissal or reopening ...
Raleigh, NC · On-site
Coordinate with cross-functional teams to integrate medical device security requirements throughout the product lifecycle, including risk assessments, security testing (SAST, DAST, SCA, penetration ...
Raleigh, NC · On-site
Coordinate with cross-functional teams to integrate medical device security requirements throughout the product lifecycle, including risk assessments, security testing (SAST, DAST, SCA, penetration ...
Raleigh, NC · On-site
$19.53 - $25.41/hr
In accordance with SCA contract requirements, remote work must be conducted from the location specified at the time of hire. Travel is NOT permitted, and you are required to remain at your designated ...
New
Raleigh, NC · On-site
$19.53 - $25.41/hr
In accordance with SCA contract requirements, remote work must be conducted from the location specified at the time of hire. Travel is NOT permitted, and you are required to remain at your designated ...
New
$106K - $146K/yr
Coordinate with cross-functional teams to integrate medical device security requirements throughout the product lifecycle, including risk assessments, security testing (SAST, DAST, SCA, penetration ...
Quick apply
$106K - $146K/yr
Coordinate with cross-functional teams to integrate medical device security requirements throughout the product lifecycle, including risk assessments, security testing (SAST, DAST, SCA, penetration ...
DE analyzing Common Vulnerability Exposure (CVE) on third party libraries, using Veracode SCA, MEND, Exploit-DB, and NVD databases; and coordinating actions associated with the dismissal or reopening ...
DE analyzing Common Vulnerability Exposure (CVE) on third party libraries, using Veracode SCA, MEND, Exploit-DB, and NVD databases; and coordinating actions associated with the dismissal or reopening ...
Coordinate with cross-functional teams to integrate medical device security requirements throughout the product lifecycle, including risk assessments, security testing (SAST, DAST, SCA, penetration ...
Coordinate with cross-functional teams to integrate medical device security requirements throughout the product lifecycle, including risk assessments, security testing (SAST, DAST, SCA, penetration ...
Cary, NC · On-site
$122K - $145K/yr
Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), Secrets scanning, Infrastructure as Code (IaC) scanning, and Container ...
Cary, NC · On-site
$122K - $145K/yr
Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), Secrets scanning, Infrastructure as Code (IaC) scanning, and Container ...
Raleigh, NC · On-site
... SCA). * Serves as the primary client liaison and manages the project team to deliver the scope, schedule, and budgets to completion and to the client's satisfaction. Assists with client project ...
Raleigh, NC · On-site
... SCA). * Serves as the primary client liaison and manages the project team to deliver the scope, schedule, and budgets to completion and to the client's satisfaction. Assists with client project ...
Raleigh, NC · On-site +1
$18.50 - $25.25/hr
What You'll Do: * Therapeutic Strategy Leadership * Serve as a champion for staying abreast of trends and development of treatments in assigned therapeutic areas (approaches to care, impact of ...
Raleigh, NC · On-site +1
$18.50 - $25.25/hr
What You'll Do: * Therapeutic Strategy Leadership * Serve as a champion for staying abreast of trends and development of treatments in assigned therapeutic areas (approaches to care, impact of ...
Raleigh, NC · On-site
... SCA). * Serves as the primary client liaison and manages the project team to deliver the scope, schedule, and budgets to completion and to the client's satisfaction. Assists with client project ...
Raleigh, NC · On-site
... SCA). * Serves as the primary client liaison and manages the project team to deliver the scope, schedule, and budgets to completion and to the client's satisfaction. Assists with client project ...
... SCA). The wage range for this position is determined by the Wage and Hour Division of the Department of Labor on a contract-by-contract basis. Employee Benefits: At BAE Systems, we support our ...
... SCA). The wage range for this position is determined by the Wage and Hour Division of the Department of Labor on a contract-by-contract basis. Employee Benefits: At BAE Systems, we support our ...
Cary, NC · On-site
$122K - $145K/yr
Software Composition Analysis (SCA) * Secrets scanning and code integrity checks * Infrastructure-as-Code (IaC) and container image scanning * Secure code repositories by enforcing: * Branch ...
Cary, NC · On-site
$122K - $145K/yr
Software Composition Analysis (SCA) * Secrets scanning and code integrity checks * Infrastructure-as-Code (IaC) and container image scanning * Secure code repositories by enforcing: * Branch ...
$17.52 is the 25th percentile. Wages below this are outliers.
$15.66 - $20.20
61% of jobs
$20.20 - $24.75
12% of jobs
$25.88 is the 75th percentile. Wages above this are outliers.
$24.75 - $29.29
7% of jobs
$29.29 - $33.84
11% of jobs
$33.84 - $38.39
0% of jobs
$38.39 - $42.93
7% of jobs
$42.93 - $47.48
0% of jobs
$47.48 - $52.02
0% of jobs
$52.02 - $56.57
0% of jobs
$56.57 - $61.12
0% of jobs
$61.12 - $65.66
1% of jobs
$15
$25
$65
To thrive as a SCA (Security Control Assessor), a background in cybersecurity, risk assessment, and compliance standards such as NIST or RMF is essential, often supported by a relevant degree and security certifications like CISSP, CISA, or Security+. Familiarity with assessment tools, vulnerability scanners, and documentation systems is typically required for evaluating and reporting on IT security controls. Strong analytical thinking, attention to detail, and effective communication are valuable soft skills that enhance performance in this role. These qualities ensure thorough evaluations, accurate reporting, and effective collaboration with IT and compliance teams to maintain organizational security.
A Security Control Assessor (SCA) is primarily responsible for evaluating the effectiveness of security controls within IT systems, reviewing evidence and documentation, conducting risk assessments, and preparing detailed reports for compliance purposes. Daily tasks often include collaborating with system owners and IT teams to verify controls, analyzing security documentation, and using assessment tools to identify vulnerabilities. SCAs frequently participate in meetings to discuss remediation strategies and ensure that all findings are addressed in alignment with regulatory standards. This role is critical in maintaining the organization's security posture and compliance with federal or industry-specific requirements.
An SCA (Service Contract Act) job refers to a position covered by the McNamara-O'Hara Service Contract Act, which requires contractors and subcontractors performing services for the federal government to pay service employees prevailing wages and benefits. These jobs can include roles such as administrative support, maintenance, security, and technical services. SCA positions ensure fair compensation and labor standards for workers on federal contracts.

Computer World Services Corp. (CWS) is seeking a highly motivated and technically skilled DevSecOps Engineer responsible for the analysis, design, implementation, automation, security, testing, deployment, and lifecycle management of enterprise applications and supporting infrastructure within the NIEHS environment.
The DevSecOps Engineer combines business systems analysis expertise with modern software engineering, infrastructure automation, cybersecurity, and platform operations capabilities to support secure, scalable, and highly available enterprise applications. This position serves as a key contributor in integrating development, security, and operations practices throughout the Software Development Lifecycle (SDLC), ensuring compliance with Federal security requirements and supporting enterprise modernization initiatives.
The DevSecOps Engineer works closely with software developers, database administrators, systems engineers, cybersecurity personnel, project managers, and business stakeholders to deliver secure, reliable, and automated application solutions supporting NIEHS mission requirements.
Engineering and CI/CD Automation
Design, implement, maintain, and optimize enterprise CI/CD pipelines supporting software development and deployment activities.
Develop automated workflows for code integration, testing, security validation, packaging, release management, and deployment.
Administer and support CI/CD platforms including:
Support source code management platforms and branching strategies.
Implement deployment automation across development, integration, testing, staging, and production environments.
Monitor pipeline performance and continuously improve delivery efficiency and reliability.
Migrate software builds through development, testing, integration, and production environments.
Monitor deployment activities and remediate deployment failures within established service level agreements.
Infrastructure as Code and Automation
Develop and maintain Infrastructure as Code (IaC) solutions using Terraform.
Implement automated configuration management using Ansible.
Develop reusable infrastructure modules, templates, and automation frameworks.
Automate operational, administrative, and deployment processes.
Support environment standardization and infrastructure modernization initiatives.
Implement automated provisioning and configuration management capabilities across enterprise environments.
Container Platform Engineering
Support containerized application deployments using Docker and Kubernetes platforms.
Administer Rancher-managed Kubernetes environments.
Manage container image lifecycle processes and private container registries.
Implement container security best practices and vulnerability remediation procedures.
Support runtime security monitoring and compliance initiatives.
Assist application teams with container adoption, deployment patterns, and troubleshooting.
Application Security and Integration
Integrate security controls and automated testing throughout the Software Development Lifecycle.
Configure and maintain application security tools including:
Review vulnerability findings and collaborate with development teams to remediate issues.
Implement automated security gates and quality control processes.
Support secure software development initiatives aligned with Federal security requirements.
Promote DevSecOps best practices across development and operations teams.
Vulnerability Management and Compliance
Support vulnerability management activities using Tenable and related security platforms.
Conduct vulnerability assessments, remediation tracking, and risk analysis.
Develop mitigation strategies when vulnerabilities cannot be remediated within required service levels.
Coordinate mitigation approvals with Information System Security Officers (ISSOs).
Implement approved mitigation plans following established change management procedures.
Maintain compliance with:
Support audit readiness and compliance reporting activities.
Required Technical Skills
CI/CD and Automation
Jenkins
GitLab CI/CD
GitHub Actions
Git-based Source Control
Release Management
Infrastructure Automation
Terraform
Ansible
Infrastructure as Code (IaC)
Configuration Management
Container Technologies
Docker
Kubernetes
Rancher
Security
OpenText Fortify
SAST
DAST
Software Composition Analysis (SCA)
Secrets Management
Tenable Vulnerability Management
Programming and Scripting
Python
JavaScript / TypeScript
Java
C#
PHP
REST APIs
Enterprise Platforms
Windows Server
Red Hat Enterprise Linux (RHEL)
Microsoft SQL Server
Oracle DatabaseEducation
Experience
Computer World Services is an affirmative action and equal employment opportunity employer. Current employees and/or qualified applicants will receive consideration for employment without regard to race, color, religion, sex, disability, age, sexual orientation, gender identity, national origin, disability, protected veteran status, genetic information or any other characteristic protected by local, state, or federal laws, rules, or regulations.
Computer World Services is committed to the full inclusion of all qualified individuals. As part of this commitment, Computer World Services will ensure that individuals with disabilities (IWD) are provided reasonable accommodations. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact Human Resources at [email protected].
Sourced by ZipRecruiter
51 - 200 Employees
Falls Church, VA, US
1990