Senior DevSecOps Engineer
Full Time • Hybrid - US
Job Title: Senior DevSecOps Engineer
Job Code: PA 799848
Client: Commonwealth of Pennsylvania – PSDC
Location: Mechanicsburg, PA (Hybrid – 2 Days Onsite)
Duration: Contract until 06/30/2026 (Extension Likely through 06/30/2027)
Client: Commonwealth of Pennsylvania – PSDC
Location: Mechanicsburg, PA (Hybrid – 2 Days Onsite)
Duration: Contract until 06/30/2026 (Extension Likely through 06/30/2027)
Position Overview
The Commonwealth of Pennsylvania (PSDC) is seeking a Senior DevSecOps Engineer to drive security automation and compliance within AWS-based environments. This role focuses on building secure-by-default infrastructure, automating compliance controls, and integrating security into CI/CD pipelines aligned with CJIS and NIST standards.
Key Responsibilities
Security Automation & Cloud Engineering
- Design and implement secure AWS infrastructure using CDK and CloudFormation
- Build and maintain Infrastructure-as-Code (IaC) modules and reusable templates
- Implement security guardrails and compliance enforcement patterns
CI/CD & DevSecOps
- Develop secure CI/CD pipelines using GitHub Actions and Azure DevOps
- Integrate SAST, SCA, IaC, container, and secret scanning tools
- Automate compliance checks and enforce security gates in pipelines
Compliance & Governance
- Implement AWS Config, Security Hub, and GuardDuty controls
- Align solutions with CJIS and NIST 800-53 compliance frameworks
- Generate audit-ready reports and compliance evidence artifacts
Collaboration & Enablement
- Work with internal teams to adopt secure DevSecOps practices
- Provide guidance, templates, and best practices for cloud security
- Document findings, improvements, and remediation strategies
Required Skills & Experience
- 5+ years of experience in AWS security automation and DevOps
- Strong experience with:
- AWS CDK, CloudFormation, and Terraform
- CI/CD tools (GitHub Actions, Azure DevOps)
- Python, Bash, and PowerShell scripting
- Experience integrating security tools (SAST, SCA, container scanning)
- Knowledge of CJIS and NIST 800-53 compliance frameworks
- Ability to read and interpret Java and C# code for security analysis
Preferred Qualifications
- Experience with EKS, ECS, Lambda security hardening
- Familiarity with tools such as Checkov, Trivy, CodeQL, OPA/Conftest
- Exposure to Azure security automation (nice to have)
Primary Skills
AWS, DevSecOps, CDK, CloudFormation, Terraform, CI/CD, GitHub Actions, Azure DevOps, Python, Bash, PowerShell, Security Automation, NIST, CJIS
Flexible work from home options available.
About SR International INC.
SR International has been a leading name among the IT consulting companies with offices in US and India. For past 16 years, our industry experience and domain knowledge have enabled us to provide innovative solutions to our customers.
Who We Are
Who We Are
We Are Leading IT Based Solution Providers
Today, the world of business information represents the realization of our collective efforts toward improving the future. Held only by the limits of our imagination, the business world is accelerating at an ever-increasing pace. Imagine a better way of doing business, of implementing the perfect software, of refining practice or business integration. All it takes are benchmark standards in service, support, and technical know-how, which have been our bread and butter.
Our Vision.
Our Vision.
Established in 2002, SR International Inc is one of the fastest growing and reputed provider of Information Technology Services and Solutions in the USA. Since our inception, we have been a trusted IT partner for our clients. We take pride in our highly skilled IT Resources and unique engagement model. We have been consistently delivering on our promises as a high-performance team. Our expertise in Cloud Computing, Mobility, Web Technologies, ERP and CRM are second to none. Our industry-leading flagship product iMathSmart is re-defining math learning experience for school students.
Career At SR International
At SR International, we treat our consultants like family. Our business and our reputation have been built and maintained by quality resources working onboard, so it’s important for us to maintain the quality resource pool.
(if you already have a resume on Indeed)