Overview:
LMI is looking for an expert DevSecOps Site Reliability Engineer to join our exciting and innovative team to support transforming and modernizing how the United States Army delivers software.
The DevSecOps Site Reliability Engineer (SRE) is required to build and maintain IT infrastructure resources that serve the Command Digital and Artificial Intelligence Office’s (CDAO) data analysis and data management requirements. The SRE brings a lacking but critical expertise to the CDAO’s team on creating scalable, highly reliable, and secure infrastructure and software resources.
This is a 100% remote role with quarterly travel for in person team planning and collaboration events. This position requires an active Secret clearance.
LMI is a new breed of digital solutions provider dedicated to accelerating government impact with innovation and speed. Investing in technology and prototypes ahead of need, LMI brings commercial-grade platforms and mission-ready AI to federal agencies at commercial speed.
Leveraging our mission-ready technology and solutions, proven expertise in federal deployment, and strategic relationships, we enhance outcomes for the government, efficiently and effectively. With a focus on agility and collaboration, LMI serves the defense, space, healthcare, and energy sectors—helping agencies navigate complexity and outpace change. Headquartered in Tysons, Virginia, LMI is committed to delivering impactful results that strengthen missions and drive lasting value.
Responsibilities: The DevSecOps Site Reliability Engineer will work as our first Site Reliability Engineering team member. As the initial member of this team, you will be working with IronSled to stand up our Production Support policies and escalation process.
IronSled is LMI’s DevSecOps platform that serves as the central hub for all software development projects. IronSled allows internal and external users to set up development environments with just a few clicks:
Access standardized tools and resources
Build applications using secure, pre-approved components
Deploy and manage applications throughout their lifecycle
Monitor application performance and security
Continuous Integration/Continuous Deployment (CI/CD):
Design, implement, and manage CI/CD pipelines in Gitlab to ensure efficient and reliable software delivery.
Integrate security tools and practices into CI/CD workflows to detect and mitigate risks early.
Familiar with implementation of deployment strategies including blue/green, canary, and A/B testing.
Automation and Scripting:
Develop and maintain automation scripts to streamline and enhance deployment processes.
Advise on and implement configuration management tools for consistent environment setup.
Develop and manage automated deployment and configuration of Kubernetes clusters.
Support configuration of automated testing including functional, integration, end-to-end, resilience, and disaster recovery.
Security Integration:
Implement security measures and controls within CI/CD pipelines.
Develop and employ automated, regular, pre and post-deployment security assessments and vulnerability scans and testing.
Ensure compliance with Army and Department of Defense (DoD) security standards and policies.
Provide direct technical input into security remediation documentation.
Monitoring and Incident Response:
Set up and maintain monitoring and logging solutions to detect and respond to incidents in real-time.
Collaborate with security teams to investigate and remediate security incidents and breaches.
Develop and maintain incident policies and procedures.
Work directly with users and app teams to resolve production issues.
Collaboration and Communication:
Work closely with development, operations, and security teams to ensure seamless integration of security practices.
Provide training and guidance to team members on security best practices and DevSecOps methodologies.
Directly coordinate with Government service and resource providers to implement technical solutions.
Infrastructure as Code (IaC):
Utilize AWS specific IaC tools (i.e. CloudFormation, SAM, CDK) to manage and provision infrastructure.
Ensure infrastructure is secure, scalable, and compliant with Army requirements.
Risk Management:
Identify and address potential security risks and vulnerabilities throughout the development lifecycle.
Implement risk mitigation strategies and conduct regular risk assessments.
Compliance and Documentation:
Ensure all systems and applications comply with relevant regulations and standards (e.g., NIST, FISMA, RMF).
Provide DevSecOps technical input to comprehensive documentation of security practices, procedures, and incident response plans.
Performance Optimization:
Optimize performance and scalability of applications and infrastructure.
Conduct performance testing and implement improvements as needed.
Research and Development:
Stay current with emerging technologies and security trends.
Monitor and adapt to rapidly changing Government technologies and security trends.
Expand expertise in container technologies and orchestration platforms (e.g., Docker, Kubernetes) to improve deployment processes and system scalability
Disaster Recovery and Organization Continuity:
Collaborate with System Architect and Product Management to develop and maintain disaster recovery plans and organization continuity strategies.
Conduct regular drills and tests to ensure preparedness for potential disruptions.
Software Development Support:
Assist in the design, development, and deployment of secure software solutions.
Coordinate with lead developers to ensure security is considered throughout the software development lifecycle (SDLC).
Qualifications:
Minimum of a SECRET security clearance
Bachelor’s degree in Computer Science or related technical field
DoD 8570 IAT Level II Certification (SEC+ or other)
10+ years’ experience as a Site Reliability Engineer, DevSecOps, or Platform Engineer
Proven, demonstrated technology experience with enterprise CI/CD
Familiarization with programming best practices
Ability to debug, optimize code, and automate routine tasks
Systematic problem-solving approach, coupled with effective communication skills and a sense of drive
Understanding of Unix/Linux operating systems
Demonstrated experience building continuous, automated build and deploy pipelines
Demonstrated experience in conditional procedure of build and deploy pipeline based on security scans of source and artifact
Capable of working with software development team and platform infrastructure team to provide meaningful guidance to both for code development and deployment
In-depth knowledge of version control of release artifacts to facilitate upgrade rollout and rollback
Strong understanding of containerization of web applications
Understanding and familiarity with container orchestration engines such as K8s (EKS, AKS, GKE, Kops, OpenShift)
Demonstrated Experience with GitLab CI/CD
Experience with bash shell scripting
Experience with AWS CI/CD tools and services
Experience with Agile development methodologies and working with Agile teams
Ability to work in a highly collaborative team environment
PREFERRED EXPERIENCE/SKILLS:
Master’s degree in science, technology, engineering, mathematics, computer science, economics, or related technical discipline
AWS GovCloud experience is highly preferred
SAFe certification and experience are a plus
Experience working in IL4 or equivalent secure environments
Experience with security requirements in a federal IT environment, including FedRAMP-certified providers and FISMA requirements for acquiring an ATO
Experience working in a consultant/client environment