Today
Dept of Homeland Security
IT - Security
home, FL (On-Site/Office)
Overview
Arcfield was purpose-built to protect the nation and its allies through innovations in digital transformation, space mission engineering and launch assurance, miniaturized sensors and satellites, advanced modeling and simulation, cybersecurity, and conventional and hypersonic missile support. Headquartered in Chantilly, VA with 16 global offices, Arcfield employs more than 1,500 engineers, analysts, IT specialists, and other professionals with more than 60 years of collective proven experience supporting missions in cyber and space defense, space exploration, hypersonic and nuclear deterrence and warfighter readiness. Visit arcfield.com for more details.
Responsibilities
In support of the Department of Homeland Security's CyberSecurity Division under the Cybersecurity and Infrastructure Security Agency (CISA), Arcfield provides specialized security services to support the Department's critical cyber programs for the Mission Engineering (ME) Directorate. In support of ME's SecDevOps section, a security tools engineer is required to perform the following:
The Senior Principal CI/CD Security Tool Engineer serves as the primary technical authority for the selection, integration, and ongoing optimization of security tools within the organization's CI/CD pipelines. This individual works closely with development, DevOps, and security teams to ensure that best-in-class security checks, vulnerability scanning, and compliance requirements are embedded at every stage of the build, test, and deployment processes.
In support of these efforts, our Senior Principal CI/CD Pipeline Security Tools Engineer will perform the following:
Security Tool Strategy & Roadmap
- Leads the planning and development of a comprehensive security tool strategy aligned with CI/CD and DevSecOps best practices.
- Continuously evaluates emerging security tool offerings, conducts proof-of-concepts, and recommends enhancements to address evolving threats.
Integration & Automation of Security Tools
- Integrates security scanning solutions (SAST, DAST, SCA, container scanning, IaC scanning, etc.) directly into CI/CD pipelines.
- Develops and maintains automation scripts to ensure consistent, repeatable security checks for every code commit and deployment.
- Collaborates with DevOps teams to build infrastructure that auto-remediates or flags vulnerabilities and compliance violations.
Tool Configuration & Management
- Owns the end-to-end lifecycle of security tools, including installation, configuration, license management, and performance optimization.
- Oversees version upgrades, patching, and bug fixes for security tools to maintain stability and feature parity.
- Ensures logging, monitoring, and alerting capabilities are in place for all security tools to provide real-time insights.
Governance & Compliance
- Aligns tool usage and configuration with industry standards and organizational policies.
- Integrates compliance checks and policy-as-code solutions into the pipeline to enforce regulatory requirements.
- Collaborates with Compliance teams during audits to demonstrate continuous, automated security checks.
Performance Optimization & Incident Response
- Troubleshoots and resolves CI/CD pipeline or tool-related issues, ensuring minimal impact on development velocity.
- Provides technical guidance during security incidents or breaches, focusing on immediate containment and long-term prevention strategies.
- Continuously refines security runbooks and incident response playbooks based on lessons learned.
Technical Leadership & Mentoring
- Serves as the go-to subject matter expert (SME) for all security tool-related decisions, designs, and best practices.
- Mentors junior and mid-level engineers, conducting code reviews and knowledge-sharing sessions on secure CI/CD processes.
- Advocates for security-first thinking across development and DevOps teams, fostering a collaborative DevSecOps culture.
Qualifications
Required Skills:
- Bachelor's degree required and 10 years of experience conducting manual testing, vulnerability scans, penetration testing, source code review, and vulnerability assessments
- US Citizenship
- Certifications such as: Offensive Security Certified Expert (OSCE), Offensive Security Certified Professional (OSCP), Offensive Security Web Expert (OSWE), Offensive Security Wireless Professional (OSWP), GIAC Penetration Tester (GPEN), GIAC Exploit Researcher and Advanced Penetration Tester (GXPN), Licensed Penetration Tester (LPT), CEPT, CEH
- Experience with compliance and vulnerability scanning tools
- Experience with automated and manual source code review
- Demonstrated experience in a simulated environment
- Ability to use MS Office Suite to include Word, PowerPoint, and Excel.
- Superior communication skills, both written and oral.
- A U.S. Government TS/SCI Clearance
Desired Skills:
- Advanced degree in Computer Science, Cyber Security, Mathematics, or Engineering is highly desirable.
- DHS Suitability and experience
Equal Pay Act
This is the projected compensation range for this position. There are differentiating factors that can impact a final salary/hourly rate, including, but not limited to, Contract Wage Determination, relevant work experience, skills and competencies that align to the specified role, geographic location (For Remote Opportunities), education and certifications as well as Federal Government Contract Labor categories. In addition, Arcfield invests in its employees beyond just compensation. Arcfield's benefits offerings include, dependent upon position, Health Insurance, Life Insurance, Paid Time Off, Holiday Pay, Short Term and Long-Term Disability, Retirement and Savings, Learning and Development opportunities, wellness programs as well as other optional benefit elections.
Min: $119,993.45
Max: $200,645.33
EEO Statement
EEO
Arcfield proactively fulfills its role as an equal opportunity employer. We do not discriminate against any employee or applicant for employment because of race, color, sex, religion, age, sexual orientation, gender identity and expression, national origin, marital status, physical or mental disability, status as a Disabled Veteran, Recently Separated Veteran, Active-Duty Wartime or Campaign Badge Veteran, Armed Forces Services Medal, or any other characteristic protected by law.