What You'll Be Building
You'll help design and implement a modern security automation platform, including:
- Compliance-as-Code (STIG, CIS, ISO 27001 controls enforced programmatically)
- Immutable, hardened Linux images built through container workflows
- CI/CD pipelines with embedded security gates (GitLab)
- Automated vulnerability management pipelines (scan → triage → remediate → verify)
- Infrastructure-as-Code for security tooling and scanning platforms
This isn't maintenance work-this is
greenfield engineering.
Why This Work Matters
Your code will secure
CT-based screening systems deployed globally across:
- Airports
- Border control
- Critical infrastructure
These systems operate in
regulated, high-security environments where failures have real-world consequences.
You're not just building pipelines-you're
protecting national infrastructure at scale.
What You'll Do
- Build and maintain Ansible-based hardening frameworks (DISA STIG, OpenSCAP)
- Engineer secure CI/CD pipelines with enforced security gates
- Create container-based OS images that pass compliance pre-deployment
- Develop Terraform-managed security infrastructure (Tenable, OpenSearch, Grafana)
- Automate vulnerability remediation pipelines
- Replace manual audit prep with continuous compliance and auto-generated evidence
- Map technical controls directly to ISO 27001 requirements
Tech You'll Work With
- Ansible, Terraform, GitLab CI/CD
- Linux (RHEL/CentOS ecosystem)
- Containers (Docker/Podman, image pipelines)
- Vulnerability scanning (Tenable/Nessus/OpenVAS)
- OpenSCAP, STIG, CIS benchmarks
- OpenSearch / Grafana
What We're Looking For
- Experience in DevOps, SRE, or security engineering
- Strong automation mindset-you eliminate manual processes
- Hands-on with infrastructure-as-code and CI/CD pipelines
- Comfortable working in Linux-heavy, production environments
- Experience (or strong interest) in security automation and compliance engineering
What Makes This Different
- Greenfield opportunity - build systems from scratch, not maintain legacy
- Engineering-first security - automation over documentation
- Real-world impact - security that protects global infrastructure
- Cross-functional influence - partner with engineering, cybersecurity, and platform teams
- Modern stack - CI/CD, containers, IaC, and compliance automation
Bottom Line
If you're a DevOps or SRE engineer who moved into security-or a security engineer who writes real code-this is an opportunity to build something
modern, meaningful, and scalable.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.