DevSecOps Strategy & Security Architecture Lead

OverviewILS Inc. is seeking a DevSecOps Strategy & Security Architecture Lead to define the roadmap, architecture, and design framework for secure software delivery supporting a federal IT modernization initiative. This role is focused on strategic planning and enterprise architecture, developing a unified DevSecOps strategy that integrates security into every stage of the development lifecycle and advances the program’s Continuous Authorization to Operate (cATO) objectives.Develop a federal DevSecOps roadmap aligning development, operations, and cybersecurity practices with NIST and agency ATO/cATO frameworks.Design the enterprise DevSecOps reference architecture, including governance, automation strategy, and control inheritance model.Define security-by-design principles to ensure compliance is embedded across the software development lifecycle (SDLC).Establish policy, process, and governance models to standardize secure development, testing, and deployment across multiple programs.Create architecture blueprints and design artifacts supporting Continuous Monitoring (ConMon) and security automation.Advise leadership on tooling strategy, risk management, and compliance automation to accelerate cATO readiness.Collaborate with federal stakeholders, ISSOs, and system owners to align modernization activities with security objectives.Develop DevSecOps maturity models and performance metrics to track progress toward continuous authorization and operational resilience.Bachelor’s degree in Computer Science, Cybersecurity, or related field.7+ years of experience in cybersecurity architecture, DevSecOps strategy, or cloud security governance.Understanding of federal security frameworks (NIST SP 800-53, RMF, FedRAMP, ATO, cATO).Proven experience developing DevSecOps strategies, roadmaps, and enterprise-level design documentation.Strong knowledge of CI/CD architecture, cloud-native security (AWS, containers), and secure SDLC concepts.Excellent written and verbal communication skills for engaging technical and executive stakeholders.Preferred SkillsProfessional certifications such as CISSP, CISM, CAP, or Security+.Experience with Zero-Trust Architecture, SBOM management, and supply chain risk mitigation.Prior experience supporting federal ATO or cATO readiness programs.

Created: 2025-10-20