DevSecOps IT Security Engineer

Position Summary
ERT is seeking a DevSecOps IT Security Engineer to support the Advanced Weather Interactive Processing System (AWIPS), a critical lifesaving enterprise system of the National Oceanic and Atmospheric Administration's (NOAA) National Weather Service (NWS). 

The IT Security Engineer to embed with Agile teams supporting the migration and modernization of AWIPS (Advanced Weather Interactive Processing System) into a cloud-native, microservices-based enterprise platform.

The IT Security Engineer will ensure security is integrated into every stage of development and delivery by partnering with developers, system engineers, and product owners. This role will design, implement, and monitor security controls across cloud environments, pipelines, and applications to meet mission, compliance, and regulatory requirements.

Agile Team Support & DevSecOps

• Embed with Agile teams to provide hands-on security engineering during feature and enabler development.
• Automate security controls and testing in CI/CD pipelines (static code analysis, container scanning, IaC validation).
• Collaborate with Product Owners to define security-related acceptance criteria.

Cloud & Application Security

• Implement identity and access management (IAM), secrets management, and role-based access controls.
• Ensure microservices follow secure communication practices (mTLS, API gateways, encryption in transit/at rest).
• Work with Cloud Systems Engineers to enforce network segmentation, firewalls, and zero-trust designs.

Compliance & Risk Management

• Implement security controls aligned with NIST, FedRAMP, and FISMA frameworks.
• Support audits, security assessments, and Authority to Operate (ATO) processes.
• Document and communicate security risks to program leadership and stakeholders.

Monitoring & Incident Response

• Deploy and maintain cloud-native security monitoring tools (e.g., GuardDuty, Security Hub, Azure Defender, Chronicle).
• Establish logging, alerting, and response workflows integrated with mission operations.
• Assist in investigation and remediation of security incidents.

Continuous Improvement

• Stay current with emerging security threats and best practices for cloud-native architectures.
• Promote “shift-left” security and foster a culture of shared responsibility for cybersecurity across teams.
• Contribute to Inspect & Adapt workshops by highlighting security gaps and solutions.
   

Required Skills

• 5 years of experience in IT security, cloud security, or DevSecOps engineering.
• Strong knowledge of cloud platforms (AWS, Azure, GCP) and their native security services.
• Hands-on experience with CI/CD pipeline security tooling (e.g., GitLab CI, Jenkins, SonarQube, Aqua, Snyk, Twistlock).
• Familiarity with encryption standards, IAM, zero-trust, PKI, and container security.
• Experience with compliance standards (NIST 800-53, FedRAMP, FISMA).
• Excellent communication and collaboration skills to work directly with Agile teams.
• Must be a US Citizen or Permanent Resident and be able to pass a background investigation to obtain a security badge to enter the applicable government facility.
   

Desired

• Security certifications: CISSP, CCSP, AWS Security Specialty, or equivalent.
• Experience supporting federal mission systems (NOAA, NWS, DoD, DHS).
• Background in large-scale cloud migrations or data-intensive platforms.
• Familiarity with SAFe or other scaled agile frameworks.
   

Education
Bachelor’s degree in Cybersecurity, Computer Science, or related field (or equivalent experience).

Location
This position supports work at NOAA's Silver Spring and College Park, MD facilities.

Compensation
The salary range for this role is $66,000 - 242,000/year. This range is a good faith estimate based on similar roles across the organization. ERT uses several factors when extending an offer, including but not limited to, the position's scope and expected duties, a candidate’s work experience, education/training, and key skills.  

Benefits
All full-time employees are eligible to participate in our flexible benefits package, which includes:

• Medical, Rx, Dental, and Vision Insurance
• 401(k) retirement plan with company-matching
• 11 Paid Federal Government Holidays
• Paid Time Off (PTO)
• Basic Life & Supplemental Life
• Health Savings Account, Flexible Spending and Dependent Care Flexible Spending Accounts
• Short-Term & Long-Term Disability
• Employee assistance program (EAP)
• Tuition Reimbursement, Personal Development & Learning Opportunities
• Skills Development & Certifications
• Professional Membership Reimbursement
• Employee Referral Program
• Competitive compensation plan
• Discretionary variable incentive bonuses based on factors such as individual performance, business unit performance, and/or the company’s performance
• Publication and Conference Presentation Awards with bonuses

ERT is a VEVRAA Federal Contractor and Equal Opportunity employer - All qualified applicants will be considered for employment without regard to race, color, religion, sex, national origin, disability, or protected Veteran status.

Salary : $66,000 - $242,000