DevSecOps Strategy & Security Architecture Lead

Job Locations: US-VA-Fairfax
ID: 2025-1284
Category: IT Analyst
Type: Regular Full-Time

Overview

ILS Inc. is seeking a DevSecOps Strategy & Security Architecture Lead to define the roadmap, architecture, and design framework for secure software delivery supporting a federal IT modernization initiative. This role is focused on strategic planning and enterprise architecture, developing a unified DevSecOps strategy that integrates security into every stage of the development lifecycle and advances the program’s Continuous Authorization to Operate (cATO) objectives.

Responsibilities

  • Develop a federal DevSecOps roadmap aligning development, operations, and cybersecurity practices with NIST and agency ATO/cATO frameworks.
  • Design the enterprise DevSecOps reference architecture, including governance, automation strategy, and control inheritance model.
  • Define security-by-design principles to ensure compliance is embedded across the software development lifecycle (SDLC).
  • Establish policy, process, and governance models to standardize secure development, testing, and deployment across multiple programs.
  • Create architecture blueprints and design artifacts supporting Continuous Monitoring (ConMon) and security automation.
  • Advise leadership on tooling strategy, risk management, and compliance automation to accelerate cATO readiness.
  • Collaborate with federal stakeholders, ISSOs, and system owners to align modernization activities with security objectives.
  • Develop DevSecOps maturity models and performance metrics to track progress toward continuous authorization and operational resilience.

Qualifications

  • Bachelor’s degree in Computer Science, Cybersecurity, or related field.
  • 7+ years of experience in cybersecurity architecture, DevSecOps strategy, or cloud security governance.
  • Understanding of federal security frameworks (NIST SP 800-53, RMF, FedRAMP, ATO, cATO).
  • Proven experience developing DevSecOps strategies, roadmaps, and enterprise-level design documentation.
  • Strong knowledge of CI/CD architecture, cloud-native security (AWS, containers), and secure SDLC concepts.
  • Excellent written and verbal communication skills for engaging technical and executive stakeholders.

Preferred Skills

  • Professional certifications such as CISSP, CISM, CAP, or Security+.
  • Experience with Zero-Trust Architecture, SBOM management, and supply chain risk mitigation.
  • Prior experience supporting federal ATO or cATO readiness programs.
