Skills

Python Java C# Bash PowerShell GitHub CI/CD DevOps Azure DevOps Networking Windows Azure AWS CI/CD Pipelines Terraform GitHub Actions

Job Specifications

e&e is seeking a Senior DevSecOps Engineer for a hybrid contract opportunity in Harrisburg, PA!

The Senior DevSecOps Engineer will provide hands-on security automation consulting for AWS environments, working closely with the Solutions Management group. This role emphasizes secure-by-default cloud infrastructure, compliance automation, and DevSecOps best practices aligned with CJIS and NIST 800-53 standards. The engineer will design, build, and maintain preventive controls, reusable templates, and reference architectures that help enterprise teams adopt secure practices. While initial focus is on AWS, limited Azure support may be required in later phases.

Responsibilities:

First 90 Days

Deliver pipeline security templates in GitHub Actions and Azure DevOps with SAST, SCA, IaC, container, and secret scanning gates.
Implement compliance as code in AWS reference accounts, including AWS Config rules and Security Hub standards mapped to CJIS and NIST 800-53.
Build IaC reference modules using AWS CDK and CloudFormation for IAM, KMS, Secrets Manager, logging, and networking baselines; provide Terraform equivalents.
Generate evidence exports and auditor-ready compliance artifacts tied to control IDs.

Ongoing

Harden CDK/CloudFormation modules and pipeline templates as compliance needs evolve.
Coach pilot teams to adopt and integrate provided templates.
Identify and escalate security and compliance gaps to enterprise teams for enforcement.

Day-to-Day

Author and maintain AWS CDK constructs and CloudFormation templates; create Terraform equivalents where required.
Implement AWS Config, Security Hub, and GuardDuty routing in reference accounts.
Integrate scanning tools into CI/CD pipelines for applications, containers, and IaC.
Develop reusable GitHub/Azure DevOps pipeline templates with enforcement gates and exception workflows.
Produce compliance posture reports and evidence documentation mapped to CJIS and NIST standards.

Requirements:

Required

Extensive experience (5+ years) in AWS security automation and DevOps.
Strong expertise with AWS CDK and CloudFormation; working proficiency in Terraform.
Hands-on experience with CI/CD pipelines using GitHub Actions and Azure DevOps.
Proficiency in Python and Bash; PowerShell for Windows automation.
Ability to read Java and C# to integrate/tune SAST and SCA tools.
Practical knowledge of CJIS and NIST 800-53 control families, with proven ability to automate checks and generate compliance evidence.

Preferred / Nice to Have

Experience with hardening patterns for EKS, ECS, and Lambda.
Familiarity with tools such as OPA/Conftest, Checkov, Trivy, Inspector, and CodeQL.
Exposure to Azure security automation for future phases.

About the Company

Company Overview e&e Technical Consultants, LLC provides best-in-class Information Technology staffing services and solutions. A minority-owned business entity (MBE), the company serves state and federal government agencies as well as large commercial accounts. e&e's staffing capabilities include recruiting, staff augmentation, and permanent staff placement as well as the ability to deliver project-specific resources and solutions. e&e offers a blend of traditional values, technical expertise, and a service orientation ge... Know more