Veterans Encouraged to Apply: Detroit Defense proudly supports those who have served. We welcome applicants with military experience, including those transitioning to civilian careers. Your leadership, adaptability, and mission-focused mindset are valued here. Detroit Defense is a 4x recipient of the Hire Vets Gold Medallion Award.
Detroit Defense is seeking a DevSecOps Engineer with primary strength in Application Security for Linux operating environments. The DevSecOps Engineer will analyze C/C++ development environments, system architectures, and safety-critical security risks to define and implement security controls, realized through DevSecOps pipelines, for embedded applications running in Linux environments. This includes integrating source code repositories, build systems, security analysis tools, issue management systems, and developer environments.
Essential Duties and Responsibilities:
- Analyze application architectures, deployment topologies, and trust boundaries to identify threats and define appropriate security controls across the development lifecycle
- Develop and apply threat models to identify vulnerabilities and drive the selection of security controls in code, pipelines, and runtime environments
- Interact with software developers to guide secure development, perform code reviews, and provide actionable, risk-based recommendations
- Design, implement, and maintain CI/CD pipelines that enforce and validate security controls (e.g., SAST, SCA, build integrity, artifact security) for C/C++ applications targeting Linux hosts
- Build C/C++ applications using standard Linux toolchains (e.g., gcc/g++, make, cmake) and resolve compilation and dependency issues
- Manage and securely handle pipeline artifacts, dependencies, and environment variables, ensuring sensitive information is not exposed in code or logs
- A bachelor’s degree from an accredited college or university in computer Science, Engineering, or an applicable field of study
- Minimum of three years in Application Security or software development role
- Ability to obtain and maintain a Common Access Card (CAC) and a US Government Security Clearance
- Skilled in Agile, DevOps, and modern delivery practices
- Strong Linux expertise, including system internals and security topics such as permissions, process isolation, secure execution (non-root services), file handling, and common vulnerability classes
- Strong analytical and problem-solving skills with an attacker mindset, able to anticipate and simulate real-world attacks and identify vulnerabilities beyond automated scanning
- Experience interpreting and applying security frameworks (e.g., STIGs, FIPS 140-x, NIST 800-53) to derive system-specific security controls and implement them within development pipelines and deployed environments
- Evaluate application and system designs to identify security gaps and recommend architectural improvements beyond pipeline-based controls
- Evaluate trade-offs between security, performance, and operational constraints in safety-critical or resource-constrained environments
- Have hands-on experience with GitLab CI/CD pipelines, including writing and debugging .gitlab-ci.yml configurations
- Are familiar with Coverity, Black Duck, or similar SAST/SCA tools and understand how to interpret and act on scan results
- Have experience building C/C++ applications in Linux environments using gcc, make, or cmake
- Are familiar with secure handling of secrets and credentials within CI/CD pipelines
Detroit Defense offers an impressive compensation and benefits package including:
- Medical, Dental & Vision Benefits
- Company Paid Life and AD&D
- Company Paid Short Term and Long-Term Disability
- Flexible Spending & HSA Accounts
- Legal & ID Shield Services
- 401k with Company Match
- Paid holidays
- Paid Time Off (PTO)
Why Detroit Defense:
At Detroit Defense, we deliver mission-critical solutions that enhance national security, protect the warfighter, and enable readiness through innovation, technical excellence, and end-to-end lifecycle support.
Remaining steadfast in our core values of Trustworthy, Mission Driven, Creative, and Agile we are a complex systems integrator for the U.S. Government, Detroit Defense provides solutions to meet the technical and programmatic challenges faced by our customers. Our proven success in multi-domain cross-platform system-of-systems integration results in fielded capability for warfighters. From R&D to production, fielding, and sustainment, Detroit Defense provides services and solutions to Empower Those That protect Us.
Detroit Defense is a proud recipient of the Hire Vets Gold Medallion Award since 2022.
Detroit Defense is an Equal Opportunity/Affirmative Action employer. All qualified applicants will be considered without regard to race, color, religion, national origin, sex (including gender identity or gender expression), age, mental or physical disability, creed, ancestry, citizenship, veteran status, marital status, sexual orientation, medical condition, genetic trait or any other characteristic protected by federal, state or local law.
PI284285151