DevSecOps Engineer
Company: goTenna
Location: Burke
Posted on: October 31, 2025
|
|
|
Job Description:
goTenna is advancing universal access to connectivity by
building the worlds most intelligent and scalable mobile mesh
networks. goTenna is the worlds leading mobile mesh networking
company, providing off-grid connectivity solutions for smartphones
and other devices, as well as augmenting traditional communications
networks. This technology enables mobile, long-range connectivity
without cell, wifi, or satellite connectivity. goTennas drive to
create resilient connectivity began during Hurricane Sandy in 2012,
when approximately a third of cell towers and power stations in
affected areas failed. goTennas products are currently used by over
300 law enforcement, military, and public safety agencies
worldwide. goTenna is backed by investors, including Union Square
Ventures, Founders Fund, Lockheed Martin Ventures, Comcast
Ventures, MentorTech Ventures, Walden Venture Capital, and ONE9.
About the Role: The DevSecOps Engineer will play a pivotal role in
scaling and automating test infrastructure that supports goTenna’s
enterprise-wide integration, system, and field-testing initiatives.
This role is responsible for embedding security practices within
DevOps workflows while also owning the automation systems that
drive testing at scale—spanning mobile, embedded, and cloud-based
systems. You will lead the implementation of automated pipelines
and orchestration systems that coordinate execution across diverse
environments such as CI/CD pipelines, 30 node RF testbeds, and
portable multi-node test kits. The ideal candidate brings deep
expertise in secure automation, testbed provisioning, and
cross-team collaboration, enabling rapid iteration and validation
in support of product and mission success. This role demands
strategic thinking, hands-on execution, and tight alignment with
software, hardware, and test teams to ensure that security,
scalability, and repeatability are built into our testing lifecycle
from the ground up. Primary Responsibilities: Strategic Cloud
Services Management: Manage and optimize cloud services to enhance
scalability and security, aligning with cross-functional strategies
and ensuring best practices that differentiate our platform within
the market. CI/CD Pipeline Development and Management: Lead the
design and sustainment of CI/CD pipelines, defining key milestones
and providing updates to relevant teams to ensure rapid, secure
software deployment. Advanced Security and Compliance Oversight:
Own the security posture of applications and infrastructure,
conducting complex vulnerability assessments and implementing
solutions based on industry standards and regulatory requirements.
Data and DevOps Security Integration: Oversee database management
with a focus on data integrity and security. Integrate security
testing early in the software lifecycle, solving complex security
challenges with innovative solutions. Automation of Security
Processes: Develop and refine tools and systems for automating
security assessments and vulnerability scans within CI/CD,
utilizing in-depth knowledge of security protocols and practices.
Incident Response and Proactive Security Monitoring: Lead proactive
monitoring efforts for security incidents, implement response
measures, and develop strategies to prevent recurrence, providing
guidance to less experienced colleagues as a resource. Compliance
and Risk Management: Develop comprehensive risk management
strategies and ensure all practices meet regulatory and industry
standards. Act as a primary resource in assessing and managing
software development risks. Strategic Collaboration and Training:
Promote a security-first mindset, strategically providing secure
coding training and resources to drive a culture of security across
multiple functions. Policy Development and Enforcement: Formulate,
enforce, and continuously improve security policies and procedures
throughout the software lifecycle, taking ownership of policy
development and enforcement. Required Experience: Education &
Experience: Bachelor’s degree in Computer Science, Information
Systems, or a related field, with at least 4 years in DevOps,
focusing on security best practices in AWS environments. Technical
Skills: Advanced proficiency in automation tools, AWS, security
protocols, and Agile methodologies. Extensive knowledge of security
tools and DevOps tools (e.g., Jenkins, Docker, Kubernetes, ECS,
GitHub Actions). Business Acumen: Demonstrates awareness of
competitive differentiators in the market, understanding how the
role’s responsibilities impact broader business objectives.
Communication: Proven ability to communicate effectively with
technical and non-technical stakeholders, prioritizing tasks
independently while providing input on prioritization to
lower-level team members. Tools & Technologies: Experience with
security tools (firewalls, IDS/IPS, SIEM) and familiarity with
compliance frameworks (ISO 27001, SOC 2, GDPR, PCI-DSS). Preferred
Experience: Startup Environment: Ability to thrive in a fast-paced
startup setting, adapting quickly to evolving priorities. Cloud
Platforms: Experience with multiple cloud platforms (e.g., Google
Cloud Platform, Firebase) beyond AWS. Development Skills: Strong
scripting and infrastructure-as-code capabilities. Industry
Certifications: CISSP, CEH, CompTIA Security, or OSCP
certifications are advantageous. Practical Experience: Demonstrated
experience in a DevSecOps role, improving software security
postures. Cloud Security: In-depth knowledge of cloud security
tools and best practices across various platforms (AWS, Azure,
Google Cloud). Test Infrastructure Automation: Experience designing
and managing automated test pipelines (e.g., Watchtower, Cypress)
across distributed systems and multi-node environments. Testbed
Orchestration: Familiarity with orchestrating job execution across
physical and virtualized testbeds (e.g., RF-based nodes, portable
mesh networks like “Gadgets”). Enterprise Testing Support:
Experience supporting enterprise-scale testing initiatives,
including coordination with hardware-in-the-loop environments and
tools like Hydra for automated scheduling and test data collection.
CI/CD Integration for Test Automation: Strong understanding of
integrating large-scale testing frameworks into CI/CD workflows for
continuous validation and regression coverage. Continuous Learning:
Commitment to ongoing education in security trends, threats,
technologies, and emerging DevSecOps practices. ITAR: U.S. Citizen
or Green Card Required Placement at the appropriate job level
(entry, senior, etc) will be determined by a combination of years
of experience, demonstration of proficiency in this field, and
other qualifications. goTenna is an equal opportunity employer and
we value diversity at our company. We do not discriminate on the
basis of race, religion, color, national origin, gender, sexual
orientation, age, marital status, veteran status, or disability
status. Able to lift 30 lbs. goTenna Benefits: Equity 401(k) plan
Unlimited PTO Parental Leave with Pay Holiday pay (including
December recess) Medical, Dental, Vision and life insurance Pre-tax
benefits Short- and Long-term disability plans Professional
Education Stipend
Keywords: goTenna, Burke , DevSecOps Engineer, IT / Software / Systems , Burke, Virginia
