As the DevSecOps Project Lead, you will manage the end-to-end software delivery lifecycle, ensure secure deployments in DoD environments, design the DevSecOps pipeline, and integrate compliance with operational requirements.
ABOUT DEFCON AI
RESILIENCE IN THE FACE OF DISRUPTION. DEFCON AI is an insights company that leverages artificial intelligence, mathematical optimization, data analytics, and software engineering for resilient optimization of complex systems.
In today’s dynamically changing world, DEFCON AI’s technology aligns outcomes with operational goals, better decision making, and empowers customers to anticipate assess, and mitigate the impacts of disruptions.
About the Role
This is a rare opportunity to build a production deployment pipeline for mission-critical DoW software from the ground up.
As the DevSecOps Project Lead, you will own the end-to-end software delivery lifecycle—from code intake through secure, scalable production deployment. Your charter is simple but high-stakes: ensure that software can be deployed reliably, securely, and on mission timelines in DoW environments.
You will design and operate the DevSecOps pipeline, define the hosting architecture, and integrate security and compliance directly into delivery. This role spans both modern commercial DevOps practices and the realities of DoW deployment (IL-5 today with a path to IL-6), requiring you to make critical decisions across government networks, cloud environments, and hybrid architectures.
This is a senior role combining hands-on execution with system-level ownership. You will build key components directly while guiding the transition from an existing government-furnished environment to a scalable, long-term production system.
Key Responsibilities
Hosting Architecture & Production Environment
- Design and scale hosting architecture in IL-5 environments with a path to IL-6
- Evaluate and select deployment strategies across government networks, GovCloud, and hybrid platforms
- Build a production environment that supports zero-downtime deployments and enterprise-scale growth
DevSecOps Pipeline Ownership
- Design, build, and operate a modern CI/CD pipeline with integrated testing, security scanning, and compliance validation
- Establish and manage development, staging, and production environments
- Ensure alignment with DoW requirements (e.g., Iron Bank, STIGs, ACAS/OpenSCAP, FIPS)
Transition & System Consolidation
- Lead transition from incumbent contractor and government-furnished environments
- Inventory, assess, and rationalize existing services, dependencies, and infrastructure
- Simplify and consolidate architecture into a scalable, maintainable system
Release Management & Delivery Performance
- Own release cadence from capability intake through production deployment
- Ensure deployment quality through monitoring, rollback readiness, and performance metrics (e.g., uptime, failure rates)
- Support continuous delivery aligned with government timelines and operational needs
Security Integration & ATO Readiness
- Partner with Platform Security and RMF leadership to align on ATO strategy
- Ensure the pipeline generates required artifacts for authorization and continuous compliance
- Embed security and compliance into the delivery lifecycle—not as a post-deployment step
Required Qualifications
- 8+ years of DevOps/DevSecOps engineering experience, including at least one production pipeline owned end-to-end at scale
- 5+ years experience operating in DoW cloud environments (Azure Gov IL-5, AWS GovCloud, or equivalent IL-5 authorized environment). Working knowledge of DoW impact-level boundaries and the CC SRG.3
- Hands-on experience managing at least one complete ATO or cATO pathway in production.
- US Citizenship Required
- Active Secret Clearance (TS/SCI preferred)
- Willingness to travel up to 25% to USMC sites, Defcon AI HQ, and industry vendor facilities as required
Preferred Qualifications
- Active TS/SCI Clearance
- Experience supporting USMC or similar Service environments ]
- Experience transitioning systems from one contractor to another
- Experience with Iron Bank container certification
- Familiarity with platforms such as Second Front (Game Warden), Stormbreaker, or Black Pearl
- Exposure to Palantir Foundry or Anduril Lattice environment
What Success Looks Like
- A reliable, repeatable production deployment pipeline operating with a predictable cadence
- A clear, effective deployment strategy across both government and industry environments
- Seamless transition from incumbent systems with no disruption to mission capability
- ATO and compliance requirements integrated directly into the pipeline
- Infrastructure and deployment bottlenecks resolved to support enterprise-scale operations
What We Offer:
- A fully remote, results-based environment
- Competitive salary, bonus, and equity package
- 100% employer paid, comprehensive health insurance including medical, dental, and vision for you and your family
- Unlimited PTO, with your manager’s approval
- Flexible work environment where you manage your work day
- 14 weeks of fully-paid parental leave
Salary Range: $175,000-$215,000. This represents the typical salary range for this position based on experience, skills, and other factors.
We’re an Equal Opportunity Employer: You’ll receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability.
Applicant Data Disclosure
By submitting an application, you acknowledge that Defcon AI uses third-party service providers to facilitate its recruitment and hiring processes. These providers include applicant tracking systems, candidate verification platforms, and fraud detection tools (collectively, "Hiring Platforms"). Your application materials, including your résumé, cover letter, work samples, responses to application questions, and any other information you submit, may be transmitted to and processed by these Hiring Platforms for the following purposes:
- Managing and administering your application throughout the hiring process;
- Verifying the accuracy and authenticity of application materials, including by cross-referencing information you provide against publicly available sources and proprietary databases;
- Identifying indicators of potentially fraudulent, fabricated, or materially misleading application content, including but not limited to discrepancies between submitted materials and publicly available professional profiles, geographic anomalies, and fabricated work histories.
Applications that are flagged through this process as containing indicators of fraud or material misrepresentation may be declined from further consideration. If you have questions about the status of your application or the evaluation process, please contact [email protected].
Defcon AI requires its Hiring Platform providers to process your information solely for the purposes described above and in accordance with applicable law. Your information will be retained only for as long as necessary to fulfill these purposes and any applicable legal obligations, after which it will be deleted in accordance with Defcon AI's data retention policies.
For more information about how your data is used, please refer to our Privacy Policy and Applicant Privacy Notice.
Similar Jobs
Fintech • Payments • Financial Services
The role involves leading the DevSecOps pipeline for DoD software, overseeing deployment architecture, ensuring security and compliance, and managing production environments.
Top Skills:
Aws GovcloudAzure GovCi/CdCloud EnvironmentsDevsecopsIron BankSecurity Compliance
Cloud • Information Technology • Security • Software • Cybersecurity
The Director of Product Marketing will drive market awareness for Zscaler Private Access, lead a team, develop strategic messaging, and collaborate across departments for product launches.
Top Skills:
AICybersecuritySaaS
Cloud • Information Technology • Security • Software • Cybersecurity
Lead Zscaler's global data security and privacy legal function: develop and execute cybersecurity, data security, and privacy legal strategy; advise execs and board; manage incident response legal work; implement Privacy/Security by Design; negotiate security/privacy contract terms; manage and mentor a team of privacy lawyers; ensure compliance with global privacy and AI laws and certifications.
Top Skills:
Ai GovernanceCcpa/CpraCippCismCisspCloudEu Ai ActGdprGenerative AiLarge Language ModelsSaaSZero Trust
What you need to know about the Chicago Tech Scene
With vibrant neighborhoods, great food and more affordable housing than either coast, Chicago might be the most liveable major tech hub. It is the birthplace of modern commodities and futures trading, a national hub for logistics and commerce, and home to the American Medical Association and the American Bar Association. This diverse blend of industry influences has helped Chicago emerge as a major player in verticals like fintech, biotechnology, legal tech, e-commerce and logistics technology. It’s also a major hiring center for tech companies on both coasts.
Key Facts About Chicago Tech
- Number of Tech Workers: 245,800; 5.2% of overall workforce (2024 CompTIA survey)
- Major Tech Employers: McDonald’s, John Deere, Boeing, Morningstar
- Key Industries: Artificial intelligence, biotechnology, fintech, software, logistics technology
- Funding Landscape: $2.5 billion in venture capital funding in 2024 (Pitchbook)
- Notable Investors: Pritzker Group Venture Capital, Arch Venture Partners, MATH Venture Partners, Jump Capital, Hyde Park Venture Partners
- Research Centers and Universities: Northwestern University, University of Chicago, University of Illinois Urbana-Champaign, Illinois Institute of Technology, Argonne National Laboratory, Fermi National Accelerator Laboratory
