Ansible, Automation, Automation Engineering, Benchmarking, CentOS, Computer Security, Continuous Deployment/Delivery, Continuous Integration, Cross-Functional, Defense Information Systems Agency (DISA), DevOps, Docker, Ecosystems, Embedded Systems, ISO (International Organization for Standardization), Internet Security, Linux Operating System, Machine Tool, Nessus, Operating Systems, Production Systems, Red Hat Linux Operating System, Sales Pipeline, Security Infrastructure, Security Monitoring, System Operations, Vulnerability Scanners
What You’ll Be Building
You’ll help design and implement a modern security automation platform, including:
- Compliance-as-Code (STIG, CIS, ISO 27001 controls enforced programmatically)
- Immutable, hardened Linux images built through container workflows
- CI/CD pipelines with embedded security gates (GitLab)
- Automated vulnerability management pipelines (scan → triage → remediate → verify)
- Infrastructure-as-Code for security tooling and scanning platforms
This isn’t maintenance work—this is greenfield engineering.
Why This Work Matters
Your code will secure CT-based screening systems deployed globally across:
- Airports
- Border control
- Critical infrastructure
These systems operate in regulated, high-security environments where failures have real-world consequences.
You’re not just building pipelines—you’re protecting national infrastructure at scale.
What You’ll Do
- Build and maintain Ansible-based hardening frameworks (DISA STIG, OpenSCAP)
- Engineer secure CI/CD pipelines with enforced security gates
- Create container-based OS images that pass compliance pre-deployment
- Develop Terraform-managed security infrastructure (Tenable, OpenSearch, Grafana)
- Automate vulnerability remediation pipelines
- Replace manual audit prep with continuous compliance and auto-generated evidence
- Map technical controls directly to ISO 27001 requirements
Tech You’ll Work With
- Ansible, Terraform, GitLab CI/CD
- Linux (RHEL/CentOS ecosystem)
- Containers (Docker/Podman, image pipelines)
- Vulnerability scanning (Tenable/Nessus/OpenVAS)
- OpenSCAP, STIG, CIS benchmarks
- OpenSearch / Grafana
What We’re Looking For
- Experience in DevOps, SRE, or security engineering
- Strong automation mindset—you eliminate manual processes
- Hands-on with infrastructure-as-code and CI/CD pipelines
- Comfortable working in Linux-heavy, production environments
- Experience (or strong interest) in security automation and compliance engineering
What Makes This Different
- Greenfield opportunity – build systems from scratch, not maintain legacy
- Engineering-first security – automation over documentation
- Real-world impact – security that protects global infrastructure
- Cross-functional influence – partner with engineering, cybersecurity, and platform teams
- Modern stack – CI/CD, containers, IaC, and compliance automation
Bottom Line
If you’re a DevOps or SRE engineer who moved into security—or a security engineer who writes real code—this is an opportunity to build something modern, meaningful, and scalable.