Headquarters: Alexandria HQ (remote)
URL: http://element84.com

About Element 84

Element 84 is a woman-owned small business that works with public, private, and non-profit sector clients to develop geospatial data processing pipelines & build software that helps answer big questions about our health, our infrastructure, and our changing planet. We solve challenging problems across a wide range of industries, but our super power is cloud-based geospatial data processing, remote sensing, and Earth science systems. Our headquarters is located in Alexandria, VA and we have a satellite office in Philadelphia, PA. Element 84 also supports a large remote workforce from a variety of other states.

A Few Other Things You Should Know

1. Element 84's values are: We Invest in Each Other, We are Reliable, and Our Work Benefits our World.

2. Element 84 works on meaningful projects that are challenging—from a technical, people, and team perspective. We make an impact on large projects through our leadership and expertise, both formal and informal.

3. Element 84 values life outside of work. We offer parental leave for everyone and support each other through family challenges like medical problems, adoptions, and new babies.

4. Element 84 has had a flexible work schedule since our founding in 2010.

5. Element 84 is committed to fostering a culture of curiosity and respect for all individuals as we constantly strive to create a work environment where everyone feels welcome and supported.

About You

You are curious about the world, are constantly learning, driven to lead (formally or informally), and have a strong work ethic. You're interested in solving impactful problems in science, medicine, and other projects that have a societal good. You can work independently or with a team, prioritize your projects, and be effective without micromanagement.

You'll care about writing. Our team is remote and written communication is essential. In addition to caring about a well-crafted email and a succinct conference abstract, you understand that good writing is good design and engineering.

Job Summary

We are seeking a highly skilled and experienced Senior DevSecOps Engineer to join our team. In this role, you will be a key contributor to securing our client’s cloud infrastructure and applications across AWS, Azure, and Google Cloud Platform (GCP). You will be responsible for ensuring compliance with federal security standards and integrating security best practices into our development and operations processes. This is a senior-level position that requires in-depth technical knowledge and the ability to work independently under the general direction of our client’s Cybersecurity Organization.

Key Responsibilities

• Cloud Security Engineering: Design, implement, and maintain secure cloud solutions across AWS, Azure, and GCP to meet mission and compliance requirements.

• Security Documentation: Assist in developing and maintaining essential security artifacts, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms).

• Architectural Analysis: Analyze complex cloud and system architectures to identify security risks and recommend effective mitigation strategies.

• Control Implementation: Apply and document security controls based on NIST 800-53 and NIST 800-171 standards.

• DevSecOps Integration: Collaborate with all functional areas of the team to embed security into CI/CD pipelines and automate security checks.

• Vulnerability & Incident Support: Assist in cloud-based incident response and lead vulnerability remediation efforts.

• Cloud Security Best Practices: Provide expert guidance on cloud security best practices, including encryption, access controls, identity management, and data protection.

• Security Tooling & Evaluation: Evaluate, recommend, and implement cloud-native and third-party security tools.

• Risk & Change Management: Participate in design reviews, risk assessments, and change control processes to ensure the security of new systems and changes.

• Continuous Monitoring: Lead annual security assessments and ongoing monitoring activities to maintain a strong security posture.

• <