• DevSecOps Engineer-Experienced

    Oshkosh Corporation (New Hudson, MI)


    About Pratt Miller, an Oshkosh company

     

    Pratt Miller is a product development company in motorsports, defense, and mobility industries providing clients with product engineering and low-volume production solutions. Our range of research & development, engineering, prototype manufacturing, test & validation, and low-rate production capability help our customers bring their high-quality products to market faster.

     

    The DevSecOps Engineer is responsible for implementing secure development pipelines, automation frameworks, and compliant infrastructure to support defense programs operating under CMMC Level 2 and NIST 800-171/172 requirements. This role integrates security controls into cloud and on-prem environments, supports continuous monitoring and vulnerability management, and ensures systems hosting Controlled Unclassified Information (CUI) meet mission-critical performance and cybersecurity standards. This is a hands-on position that will work closely with software, IT, and security teams to deliver resilient, secure, and auditable solutions across defense projects.

    ESSENTIAL FUNCTIONS AND SKILLS

    Typical responsibilities include, but are not limited to:

    Project Execution

    + Responsible for the design, implementation, and maintenance of secure DevSecOps infrastructure and delivery pipelines to support defense programs under CMMC Level 2 compliance.

    + Implement security controls and automation within CI/CD pipelines using GitLab and related DevSecOps tooling.

    + Ensure adherence to secure coding practices, compliance with NIST SP 800-171/172, and CMMC Level 2 cybersecurity standards across software development and infrastructure management.

    + Collaborate with defense software and cybersecurity teams to integrate automated testing, vulnerability management, and secure deployment strategies into cloud and on-prem environments.

    + Assist in identifying technologies and tools that enhance security posture, automation, and compliance monitoring capabilities.

    Customer Focus

    + Maintain a customer-focused view of system security and DevSecOps process effectiveness across defense project initiatives.

    + Participate in technical and compliance reviews with customers and stakeholders to ensure systems meet mission-critical availability, reliability, and security requirements.

    Research

    + Research and implement new technologies, security tools, and methodologies to enhance automation, compliance, and system resilience.

    + Stay informed on evolving DoD cybersecurity standards, cloud governance models, and zero-trust architectures to ensure continuous compliance.

    Collaboration

    + Work across multidisciplinary engineering and IT teams, integrating security controls within development and operational environments.

    + Collaborate with network, software, and security engineers to ensure end-to-end protection of systems hosting Controlled Unclassified Information (CUI).

    + Participate in design and code reviews, infrastructure planning meetings, and post-implementation security assessments.

    + Work effectively with remote and hybrid teams using collaboration tools such as MatterMost and GitLab.

    Problem Solving

    + Demonstrate strong analytical thinking and problem-solving skills with the ability to address complex infrastructure and cybersecurity challenges.

    + Leverage automation and monitoring to proactively identify and resolve performance or compliance issues within DevSecOps pipelines.

    ADDITIONAL REQUIREMENTS

    + Strong documentation skills for configurations, compliance evidence, and SOPs.

    + Ability to clearly explain complex security concepts to both technical and non-technical audiences.

    + Self-starter with a security-first mindset and the ability to manage multiple projects with minimal supervision.

    + Collaborative and communicative, with consistent effectiveness working across disciplines.

    EDUCATION / CERTIFICATION / YEARS OF EXPERIENCE

    + Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field; advanced degree preferred.

    + Must meet the requirements for obtaining a U.S. Government clearance; **active Secret or higher clearance preferred** .

    + Experience developing and maintaining secure CI/CD pipelines using GitLab, Jenkins, or Azure DevOps.

    + Experience implementing automated security testing tools (SAST, DAST, SCA) and vulnerability management systems.

    + Experience with CMMC Level 2 or NIST 800-171 compliance in defense or government environments.

    + Experience managing secure infrastructure in AWS GovCloud, Azure Government, or on-prem DoD-accredited environments.

    DESIRED SPECIALIZED SKILLS AND KNOWLEDGE

    Technical Expertise

    + Deep understanding of DevSecOps principles, CI/CD, and automation frameworks.

    + Expertise in network architecture and security (TCP/IP, VLANs, VPNs, firewalls, IDS/IPS systems).

    + Active Directory and Group Policy administration for secure identity and access management.

    + Experience implementing zero-trust and least-privilege access models.

    + Knowledge of cloud security configurations, infrastructure-as-code (Terraform, Ansible), and container orchestration (Docker, Kubernetes).

    + Familiarity with CMMC Level 2, DFARS 252.204-7012, and DoD cybersecurity frameworks.

    Tools and Technologies

    + **Networking/Infrastructure/Security:** TCP/IP, VLAN, VPN, DNS, zero-trust networking; firewalls; IDS/IPS; endpoint protection; Active Directory/Azure AD; log aggregation and monitoring (Prometheus, Kibana, Splunk, Jaeger).

    + **DevSecOps / Automation Tools:** GitLab, Jenkins, Azure DevOps, Nexus, Ansible, Terraform; Docker and Kubernetes; SAST/DAST/fuzz testing/SBOM tools; OpenTelemetry; Prometheus; collaboration tools including MatterMost and Jira/Atlassian.

    + **Cloud Platforms:** AWS GovCloud (EC2, Lambda, Route 53, ECR, CloudTrail); Azure Government (Virtual Machines, IoT Hub, Functions, CosmosDB, Azure Security Center).

    WORK ENVIRONMENT & EXPECTATIONS

    + Standard daytime schedule Monday–Friday, with flexibility for surge requirements or deadline-driven tasks.

    + This is an on-site position in New Hudson, MI.

    + Some travel for customer engagement, system integration, or compliance activities.

    Pay Range:

    $78,400.00 - $121,500.00

     

    The above pay range reflects the minimum and maximum target pay for the position across all U.S. locations. Within this range, individual pay is determined by various factors, including the scope and responsibilities of the role, the candidate's experience, education and skills, as well as the equity of pay among team members in similar positions. Beyond offering a competitive total rewards package, we prioritize a people-first culture and offer various opportunities to support team member growth and success.

     

    Oshkosh is committed to working with and offering reasonable accommodations to job applicants with disabilities. If you need assistance or an accommodation due to a disability for any part of the recruitment process, please contact our talent acquisition team by email [email protected] .

     

    Oshkosh Corporation is a merit-based Equal Opportunity Employer. Job opportunities are open for application to all qualified individuals and selection decisions are made without regard to race, color, religion, sex, national origin, age, disability, veteran status, or other protected characteristic. To the extent that information is provided or collected regarding categories as provided by law it will in no way affect the decision regarding an employment application.

     

    Oshkosh Corporation will not discharge or in any manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with Oshkosh Corporation's legal duty to furnish information.

     

    Certain positions with Oshkosh Corporation require access to controlled goods and technologies subject to the International Traffic in Arms Regulations or the Export Administration Regulations. Applicants for these positions may need to be "U.S. Persons," as defined in these regulations. Generally, a "U.S. Person" is a U.S. citizen, lawful permanent resident, or an individual who has been admitted as a refugee or granted asylum.