DevSec Ops Engineer

<div class="content-intro"><p>Anduril Industries is a defense technology company with a mission to transform U.S. and allied military capabilities with advanced technology. By bringing the expertise, technology, and business model of the 21st century’s most innovative companies to the defense industry, Anduril is changing how military systems are designed, built and sold. Anduril’s family of systems is powered by Lattice OS, an AI-powered operating system that turns thousands of data streams into a realtime, 3D command and control center. As the world enters an era of strategic competition, Anduril is committed to bringing cutting-edge autonomy, AI, computer vision, sensor fusion, and networking technology to the military in months, not years.</p></div><h2 id="DevSecOpsEngineerWIP-ABOUTTHETEAM">ABOUT THE TEAM</h2> <p>Anduril's Air &amp; Missile Defense Radar team develops cutting-edge tracking algorithms and software systems that detect, track, and characterize airborne threats in real-time. Working in small, focused teams, our software engineers design and implement sophisticated tracking solutions that protect lives and critical assets. Our work spans the full spectrum—from developing novel multi-target tracking algorithms to building high-performance distributed systems that process massive amounts of sensor data in milliseconds.</p> <h2 id="DevSecOpsEngineerWIP-ABOUTTHETEAM">ABOUT&nbsp;THE JOB</h2> <p>We are seeking a DevSecOps Engineer to build and maintain the secure automation infrastructure that powers our radar tracking deployments, create testing and analysis tools to support tactical software, and accelerate developer workflows. You'll design CI/CD pipelines, architect core tooling, implement Infrastructure-as-Code, and establish continuous compliance workflows that enable our engineering teams to deploy updates rapidly while meeting stringent DoD and IC security requirements.<br>&nbsp;</p> <h2 id="DevSecOpsEngineerWIP-WHATYOUWILLDO">WHAT YOU WILL DO</h2> <ul> <li class="text-start" data-uuid="2260e976-ca30-464b-b068-c48f8f9510ac">Design and implement secure CI/CD pipelines for classified environments, enabling automated build, test, and deployment of radar tracking software across multiple enclaves</li> <li class="text-start" data-uuid="d1ed67f4-f821-443d-973e-94d66f7e4d13">Build Infrastructure-as-Code frameworks (Terraform, Ansible, or similar) to provision and configure development, test, and production environments that meet DISA STIG and NIST 800-53 requirements</li> <li class="text-start" data-uuid="da0d5fa2-7616-4738-ab0a-ae260a924cd7">Automate security compliance workflows, including STIG scanning, vulnerability assessment, configuration validation, and compliance reporting for continuous monitoring</li> <li class="text-start" data-uuid="f7ed24bb-ab7c-4aad-90a4-e31489007703">Develop containerization and orchestration solutions (Docker, Kubernetes) tailored for classified networks with appropriate security hardening</li> <li class="text-start" data-uuid="7ff4ef50-95fa-440c-8d3f-de511fbf2b54">Implement secrets management, certificate rotation, and access control systems that balance security with developer productivity</li> <li class="text-start" data-uuid="fcda88d5-54b1-4566-85cf-b287c6b2b99b">Create monitoring and logging infrastructure to support security operations, troubleshooting, and incident response</li> <li class="text-start" data-uuid="2b731f34-f023-4a18-97fc-c865b30372b2">Collaborate with software engineers to optimize build processes, reduce deployment friction, and integrate security controls early in the development lifecycle</li> <li class="text-start" data-uuid="d73a53b5-65a3-4d5b-916f-8b7eeb116873">Support ATO preparation and continuous monitoring by generating compliance artifacts, evidence packages, and security documentation</li> <li class="text-start" data-uuid="503261e7-db08-4f8b-846a-f6b26d637d7c">Partner with system administrators and ISSM/ISSO personnel to ensure deployed systems meet customer security requirements&nbsp;</li> <li class="text-start" data-uuid="503261e7-db08-4f8b-846a-f6b26d637d7c">Work alongside tactical software developers to identify pain points and process deficiencies and architect durable solutions</li> </ul> <h2 id="DevSecOpsEngineerWIP-REQUIREDQUALIFICATIONS">REQUIRED QUALIFICATIONS</h2> <ul> <li class="text-start" data-uuid="c0740563-f493-41d0-9585-d7632f7be660">5+ years of experience and a Bachelor's degree in Computer Science, Engineering, Cybersecurity, or related field (or equivalent experience)</li> <li class="text-start" data-uuid="a6cb0e27-f859-4845-9fe0-c1f305ffa6eb">Strong hands-on experience with CI/CD tools such as GitLab CI, Jenkins, GitHub Actions, or similar</li> <li class="text-start" data-uuid="a6cb0e27-f859-4845-9fe0-c1f305ffa6eb">Understanding of software engineering fundamentals: design patterns, testing, version control, and debugging</li> <li class="text-start" data-uuid="2d8e707f-9fb2-47bb-afdd-841b73d08499">Proficiency with Infrastructure-as-Code using Terraform, Ansible, Puppet, Chef, or similar tools</li> <li class="text-start" data-uuid="b10ca2fd-9ba8-4b43-800d-654faf239cef">Working knowledge of containerization technologies (Docker) and orchestration platforms (Kubernetes, Docker Swarm)</li> <li class="text-start" data-uuid="608fd2d7-8f7e-4593-a35d-a9c91e9215bf">Understanding of Linux system administration, networking, and scripting (Python, Bash)</li> <li class="text-start" data-uuid="baa4e153-b824-4795-8e5a-eaa73ad83b02">Familiarity with DoD security frameworks (RMF, NIST 800-53, DISA STIGs)</li> <li class="text-start" data-uuid="162fec18-8591-4f2e-956b-c1ca45f42966">Ability to obtain and maintain a U.S. Top Secret SCI security clearance</li> </ul> <h2 id="DevSecOpsEngineerWIP-DESIREDQUALIFICATIONS">DESIRED QUALIFICATIONS</h2> <ul> <li class="text-start" data-uuid="11651f27-35aa-44f4-9fe9-ff253ad540d5">Experience deploying and maintaining systems in classified DoD or IC environments</li> <li class="text-start" data-uuid="5e1bf6f7-1d71-4dfd-930c-10b35cb25ea0">Hands-on experience with ATO processes, STIG implementation, and continuous monitoring for accredited systems</li> <li class="text-start" data-uuid="5e1bf6f7-1d71-4dfd-930c-10b35cb25ea0">Proficient in Python package development</li> <li class="text-start" data-uuid="27c0f8e5-549d-452c-b516-4ce80becbd9f">Familiarity with SCAP-compliant scanning tools (OpenSCAP, Nessus, ACAS) and automated compliance frameworks</li> <li class="text-start" data-uuid="c9c8a522-9526-4928-874a-583059faafd6">Experience with secure software supply chain practices, artifact signing, and software bill of materials (SBOM)</li> <li class="text-start" data-uuid="466fe9ad-abe1-496f-a3a4-dad5a4ee06fd">Knowledge of zero-trust architectures and microsegmentation in Kubernetes environments</li> <li class="text-start" data-uuid="a9eea0f3-0f3d-485c-9ae1-8f40630f4bcc">Experience with GitOps workflows and declarative infrastructure management</li> <li class="text-start" data-uuid="763927e5-4d73-4f60-9ba5-b89381679b8c">Proficiency with observability and monitoring tools (Prometheus, Grafana, ELK stack, Splunk)</li> <li class="text-start" data-uuid="dd4304af-fa69-49e6-8752-0a8b7ff439e3">Understanding of PKI, certificate management, and secrets management solutions (Vault, AWS Secrets Manager)</li> <li class="text-start" data-uuid="e370bc17-60bd-4d8c-a6a0-34e902dc3633">Experience with air-gapped or disconnected network deployments</li> <li class="text-start" data-uuid="6bc8b2c0-7c17-4f98-ab53-2d557b9af917">Familiarity with real-time or embedded systems and their unique deployment constraints</li> <li class="text-start" data-uuid="45afb850-2cf4-42af-acda-bae3810a8300">Active U.S. Top Secret SCI clearance</li> <li class="text-start" data-uuid="c730416d-32ac-471a-b917-da32c58e82e2">Relevant certifications such as Security+, CISSP, or AWS/Azure security certifications</li> </ul> <p>&nbsp;</p> <p><em data-stringify-type="italic">We request transcripts as part of the early application process to understand your academic background and how your coursework supports the skills deemed critical for the role. Transcripts help us assess your technical and analytical abilities, complementing our interview process in which we also evaluate practical experience and cultural fit. If you choose not to share your transcripts, you will need to provide detailed information regarding your academic performance in relevant courses, including projects and coursework specifics, to ensure we evaluate your academic accomplishments properly. If you do provide academic transcripts, feel free to redact non-technical information (e.g., student ID, dates, non-technical coursework, etc.). Uno