Senior DevSecOps Engineer - S R INTERNATIONAL INC - Harrisburg, PA

Job Title: Senior DevSecOps Engineer

Client: Commonwealth of Pennsylvania

Job ID: 799484 - hybrid (60% remote vs. 40% onsite), 1st day onsite onboarding

Location: Mechanicsburg, PA 17050

Closing Date:04/17/2026

Role summary

PSDC (Public Safety Delivery Center) requires the services of a Senior DevSecOps Engineer to act as consultant with the PSDC Solutions Management group.

Hands-on security automation for AWS delivery.

Build secure-by-default CDK constructs and CloudFormation templates, wire them into CI/CD, and enforce compliance checks that map to CJIS and NIST.

Azure support is a future consideration, not a core day-one duty.

Scope boundaries

Does not own enterprise AWS Organizations or SCP operations.
Designs and builds reference guardrails and enforcement patterns that can be deployed by enterprise teams.
Focuses on preventive controls and compliance automation, not incident response.


What you will deliver

First 90 days

Pipeline security templates in GitHub Actions and Azure DevOps with SAST, SCA, IaC, container, and secret scanning gates.
Compliance as code in reference accounts: AWS Config rules and Security Hub standards aligned to CJIS and NIST 800-53, with exceptions workflow documented.
IaC reference modules using AWS CDK and CloudFormation for IAM least privilege, KMS, Secrets Manager, logging, and network baselines; Terraform equivalents provided where teams require them.
Evidence exports tying checks to control IDs and producing auditor-ready artifacts.


Ongoing

Harden CDK/CFT modules and pipeline templates as compliance needs evolve.
Coach pilot teams to adopt templates.
Raise gaps to enterprise teams for org-level enforcement.


Day-to-day responsibilities

Author and maintain AWS CDK