Sr./Principal Software Engineer (DevSecOps Architect) jobs in United States

Nava · 3 weeks ago

Sr./Principal Software Engineer (DevSecOps Architect)

Nava is a consultancy and public benefit corporation working to make government services simple and effective. The Sr./Principal Software Engineer (DevSecOps Architect) will be responsible for implementing and maintaining a robust information security program for federal government contracts, ensuring the security and compliance of cloud-based solutions primarily on AWS.

Apps, Cloud Data Services, Computer, Government, GovTech, Software, Web Development
Growth Opportunities
No H1B
U.S. Citizen Only

Responsibilities

Design, implement, and maintain the organization’s security architecture in alignment with federal security standards (e.g., FISMA, NIST SP 800-53, 800-171) and contract requirements
Lead security planning and risk assessments for government systems hosted in AWS
Serve as the primary security point of contact for government programs, overseeing incident response, vulnerability management, and system hardening activities
Develop and maintain security documentation required for system authorization, including System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), Security Assessment Reports (SARs), and Continuous Monitoring strategies
Support the Authority to Operate (ATO) process across multiple projects, working closely with compliance teams, federal partners, and internal stakeholders
Architect, oversee, and support implementation of security controls across AWS services (e.g., IAM, KMS, Security Hub, GuardDuty, CloudTrail, Config, WAF)
Perform regular audits, security assessments, and continuous monitoring to ensure compliance with government standards and internal policies
Collaborate with engineering teams to integrate security into SDLC/DevOps pipelines, using tools such as SonarQube, Snyk, Tenable, and Jenkins
Lead incident response efforts for government systems, including containment, eradication, and recovery, while maintaining proper documentation and communication protocols
Research and recommend emerging AWS security services and technologies to improve security posture and maintain compliance
Mentor junior DevSecOps team members and foster a culture of security-first thinking across the organization
Interface with federal agency stakeholders, auditors, and security assessors to represent the organization’s security practices and compliance efforts
Participate in proposal development and pre-award planning by advising on security architecture and compliance strategies for new federal opportunities

Qualification

AWS, FISMA, NIST 800-53, DevSecOps, Security Architecture, CISSP, Information Security, Security Documentation, Incident Response, Analytical Skills, Leadership, Problem-Solving, Communication Skills

Required

Bachelor's or Master's degree in Computer Science, Information Security, Cybersecurity, or a related field
5+ years of experience in information security, with at least 2 years supporting federal government contracts and managing system compliance efforts
Deep understanding of federal security frameworks, including FISMA, NIST 800-53, 800-171, and FedRAMP
Hands-on experience managing security for AWS cloud environments, including services such as: IAM, KMS, CloudTrail, Security Hub, GuardDuty, Config, VPC, EC2, Lambda, S3, RDS, DynamoDB, WAF, Shield, Inspector, Secrets Manager
Experience leading or supporting the ATO process, including documentation, control implementation, security testing, and coordination with third-party assessors or agency officials
Proficiency in modern DevSecOps toolchains and methodologies (e.g., Terraform, Jenkins, GitHub, New Relic, SonarQube, Snyk, Tenable Nessus)
Solid understanding of secure software development principles across languages and frameworks such as Java, Spring Boot, Python, Go, JavaScript/TypeScript, and Angular
Demonstrated ability to communicate security concepts to technical and non-technical stakeholders
Strong leadership, analytical, and problem-solving skills
Legal authorization to work in the United States
Ability to meet any other requirements for government contracts for which candidates are hired
Work authorization that doesn't require visa sponsorship, now or in the future
May be subject to a government background check or security clearance, depending on the contract

Preferred

CISSP, CISM, or equivalent federal security certification (e.g., CAP, GSLC)

Benefits

Health coverage — comprehensive medical, dental, and vision plans to support your overall health needs
Insurance coverage — Nava provides disability, life, and accidental death insurance at no cost
Time off — vacation, holidays (including Juneteenth), and floating holidays to rest and recharge
Company holidays — enjoy 12 paid federal holidays each year on top of your regular PTO
Annual bonus — when Nava meets its goals, eligible employees receive a performance-based annual bonus
Parental leave — paid time off for new parents, plus weekly meals delivered to your home
Wellness program — full platform offering physical, mental, & emotional health resources & support tools
Virtual care — see doctors online with no copay through UnitedHealthcare’s virtual visit program
Sabbatical leave — earn extended unpaid leave after continuous service for personal growth or rest
401(k) match — Nava matches 4% of your salary to support your retirement savings plan
Flexible work — remote-first environment with flexibility built around your schedule and responsibilities
Home office setup — company laptop & setup assistance provided via Staples for remote work needs
Utility support — monthly reimbursement to help offset eligible home office utility expenses
Learning opportunities — internal training programs and resources to help grow your professional skills
Development opportunities — LinkedIn Learning access & an annual allowance for courses, tuition, & certs
Referral bonus — get rewarded when you refer great people who join the Nava team
Commuter benefits — pre-tax commuter programs to support in-office travel when applicable
Supportive culture — A collaborative and remote-friendly team environment where people genuinely care

Company

Nava is a consultancy and public benefit corporation that makes government services simple, effective, and accessible to all.

Funding

Current Stage
Late Stage

Leadership Team

Rohan Bhobe
CEO and Co-founder
Senongo Akpem
VP of Design
Company data provided by crunchbase