Cloud Engineer / DevSecOps Specialist
Company: CACI
Location: Norfolk
Posted on: April 2, 2026
|
|
|
Job Description:
Job Title: Cloud Engineer / DevSecOps Specialist Job Category:
Information Technology Time Type: Full time Minimum Clearance
Required to Start: Secret Employee Type: Regular Percentage of
Travel Required: Up to 10% Type of Travel: Continental US * * * The
Opportunity We are seeking a highly skilled Cloud Engineer /
DevSecOps Specialist to join our Norfolk Va. team and design,
build, and maintain secure cloud infrastructure supporting
Department of Defense (DoD) mission-critical workloads. This role
is central to our cloud engineering team and demands deep expertise
in Amazon Web Services (AWS) GovCloud, DevSecOps automation,
container orchestration, and compliance with DoD cybersecurity
frameworks. The ideal candidate operates at the intersection of
cloud architecture, security engineering, and continuous
delivery—embedding security into every layer of the pipeline from
code commit to production deployment. Responsibilities Design and
manage production-grade AWS GovCloud environments supporting
IL4/IL5 workloads in compliance with DoD CC SRG, including
multi-account strategies, identity federation, and network
segmentation using Transit Gateway, VPCs, and AWS core services
(EC2, S3, RDS, Lambda, ECS/EKS, etc.). Build and maintain
Infrastructure as Code (IaC) using Terraform, CloudFormation, and
Ansible to ensure repeatable, auditable, and version-controlled
infrastructure deployments with automated compliance enforcement.
Design and implement end-to-end CI/CD pipelines using GitHub
Actions, GitLab CI/CD, or AWS CodePipeline with integrated security
gates, supporting complex multi-stage orchestration, parallel
execution, and environment promotion strategies. Integrate
shift-left security practices into build pipelines including SAST,
DAST, SCA, container image scanning, and compliance-as-code tools
(AWS Config Rules, OPA, Checkov) to enforce policy guardrails
throughout the development lifecycle. Deploy and manage Kubernetes
clusters (Amazon EKS) in GovCloud environments, including Helm
charts, service mesh configuration, pod security policies, and
container runtime security monitoring to enforce zero-trust
principles. Build and optimize secure Docker container images using
multi-stage builds, distroless base images, non-root execution, and
vulnerability-free dependencies while driving continuous
optimization of infrastructure provisioning and deployment
throughput. Ensure compliance with federal security frameworks
including NIST SP 800-171, NIST SP 800-53, DFARS 252.204-7012, and
CMMC 2.0 Level 2, supporting A&A activities and documentation
(SSP, POA&M, SAR). Implement continuous monitoring and security
solutions including SIEM integration, vulnerability scanning
(Nessus, Tenable.sc), EDR tools, AWS GuardDuty, Security Hub, and
STIG hardening across systems and applications. Manage software
supply chain security including artifact repositories (Nexus,
Artifactory, AWS ECR), SBOM generation, artifact signing, and
source code repository workflows in GitHub Enterprise/GitLab.
Create technical documentation and provide mentorship, including
architecture diagrams, runbooks, disaster recovery plans, SOPs, and
guidance on cloud security best practices, IaC development, and
DevSecOps tooling. QUALIFICATIONS Minimum of 7 years of progressive
experience in cloud engineering, DevOps/DevSecOps, or cloud
security engineering roles. 3 years of hands-on experience with AWS
(strong preference for GovCloud/FedRAMP environments). Experience
with DoD Business IT systems Demonstrated experience building and
maintaining CI/CD pipelines with security automation in GitHub
Actions, GitLab CI/CD, Jenkins, or AWS-native tools. Production
experience with container technologies (Docker, Kubernetes/EKS,
Helm). Proven experience implementing Infrastructure as Code using
Terraform and/or CloudFormation. Direct experience working with DoD
cybersecurity requirements including NIST 800-171, NIST 800-53,
DFARS, and/or CMMC. Certifications (Required) DoD 8140 (formerly
8570) IAT Level II or higher certification. Qualifying
certifications include: CompTIA Security CE Certifications Desired
CCNA Security GICSP, GSEC, or SSCP - What You Can Expect: A culture
of integrity. At CACI, we place character and innovation at the
center of everything we do. As a valued team member, you’ll be part
of a high-performing group dedicated to our customer’s missions and
driven by a higher purpose – to ensure the safety of our nation. An
environment of trust. CACI values the unique contributions that
every employee brings to our company and our customers - every day.
You’ll have the autonomy to take the time you need through a unique
flexible time off benefit and have access to robust learning
resources to make your ambitions a reality. A focus on continuous
growth. Together, we will advance our nation's most critical
missions, build on our lengthy track record of business success,
and find opportunities to break new ground — in your career and in
our legacy. Pay Range : There are a host of factors that can
influence final salary including, but not limited to, geographic
location, Federal Government contract labor categories and contract
wage rates, relevant prior work experience, specific skills and
competencies, education, and certifications. Our employees value
the flexibility at CACI that allows them to balance quality work
and their personal lives. We offer competitive compensation,
benefits and learning and development opportunities. Our broad and
competitive mix of benefits options is designed to support and
protect employees and their families. At CACI, you will receive
comprehensive benefits such as; healthcare, wellness, financial,
retirement, family support, continuing education, and time off
benefits. The proposed salary range for this position is:
$114,600-$252,100 CACI is an Equal Opportunity Employer. All
qualified applicants will receive consideration for employment
without regard to race, color, religion, sex, pregnancy, sexual
orientation, age, national origin, disability, status as a
protected veteran, or any other protected characteristic.
Keywords: CACI, Portsmouth , Cloud Engineer / DevSecOps Specialist, IT / Software / Systems , Norfolk, Virginia
