DevSecOps Engineer

Position: DevSecOps Engineer

Position Type: Contract

Location: Hybrid – Onsite in Troy, MI and Remote (Primarily remote)

Industry: Aerospace and Defense

Pay: $50.00 to $70.00 Hourly

Shift: 1st Shift: Monday – Friday

Benefits:

• Weekly Pay
• Eligibility to enroll in health benefits on your first day!
• Referral Bonuses ($100 per referral) – Ask for details

Position Summary:

We're looking for a DevSecOps Engineer whose primary expertise is Application Security within Linux operating environments. In this role, you'll evaluate C/C development environments, system architectures, and safety-critical security risks in order to define and implement security controls—delivered through DevSecOps pipelines—for embedded applications that run on Linux. The work involves integrating source code repositories, build systems, security analysis tools, issue management platforms, and developer environments into a cohesive pipeline.

Position Responsibilities:

• Examine application architectures, deployment topologies, and trust boundaries to surface threats and establish suitable security controls throughout the development lifecycle
• Create and apply threat models that expose vulnerabilities and inform the choice of security controls across code, pipelines, and runtime environments
• Collaborate with software developers to advise on secure coding practices, conduct code reviews, and deliver actionable, risk-based recommendations
• Architect, deploy, and maintain CI/CD pipelines that enforce and verify security controls (such as SAST, SCA, build integrity, and artifact security) for C/C applications targeting Linux hosts
• Compile C/C applications using standard Linux toolchains (such as gcc/g , make, and cmake), and troubleshoot compilation and dependency issues
• Oversee and securely handle pipeline artifacts, dependencies, and environment variables, making sure sensitive information stays out of code and logs

Position Requirements:

• A bachelor's degree in a relevant field of study from an accredited college or university
• Capable of obtaining and maintaining both a Common Access Card (CAC) and a US Government Security Clearance
• Proficient in Agile, DevOps, and contemporary delivery practices
• Deep Linux knowledge, covering system internals and security areas like permissions, process isolation, secure execution (non-root services), file handling, and common vulnerability classes
• Sharp analytical and problem-solving abilities paired with an attacker mindset, with the ability to anticipate and emulate real-world attacks and uncover vulnerabilities that automated scanning misses
• Background in interpreting and applying security frameworks (such as STIGs, FIPS 140-x, and NIST 800-53) to derive system-specific security controls and put them into practice within development pipelines and deployed environments
• Assess application and system designs to pinpoint security gaps and propose architectural improvements that go beyond pipeline-based controls
• Weigh trade-offs among security, performance, and operational constraints in safety-critical or resource-constrained environments
• Hands-on experience working with GitLab CI/CD pipelines, including authoring and debugging .gitlab-ci.yml configurations
• Familiarity with Coverity, Black Duck, or comparable SAST/SCA tools, along with the ability to interpret scan findings and act on them
• Experience compiling C/C applications in Linux environments using gcc, make, or cmake
• Knowledgeable about the secure handling of secrets and credentials within CI/CD pipelines

About Spark Talent Acquisition:

Spark Talent Acquisition is a Michigan-headquartered recruiting and staffing company that connects great talent with great employers. We understand that building the right team is vital to success. Listening to our clients and creating customized workforce strategies is at the core of what we do. We pride ourselves in team development as it matches our purpose as an organization to help people grow.