DevSecOps Engineer (U.S. Remote)
Job DescriptionJob Description
Work Location: Remote U.S. Based
Reporting Hours: Central European Business Hours.
Travel: Initial visit, closeout visit and ability to travel up to one week at a time as needed to NATO locations.
Clearance: DoD Secret Security Clearance or NATO Secret Security Clearance required.
Applications will not be accepted after November 5th, 2025.
At geocgi we pride ourselves on not losing our focus. We started out and remain GIS experts (or geeks. . . depending on your perspective). Since 2006, we’ve evolved into a world-class and world-wide service provider of multiple disciplines. We are a talented, hardworking group that share values and characteristics that drive client, professional, and personal success. Geocgi is seeking a DevSecOps Engineer to provide technical support to the NATO Communications and Information Agency (NCIA) Cloud Operations Center. This role supports NATO’s modernization of IT services by leveraging Microsoft Azure cloud environments to deliver secure, reliable, and scalable digital infrastructure. The selected engineer will help build and maintain cloud environments following security-by-design and DevSecOps best practices in support of NATO’s Enterprise Cloud Operating Model. This fully remote U.S. based position offers the opportunity to contribute to NATO’s digital transformation initiatives and help shape the secure cloud foundation enabling collaboration and operational readiness across the Alliance.
Key Responsibilities:
• Operate and maintain cloud infrastructure in Microsoft Azure using DevSecOps principles.
• Deploy and manage landing zones to create secure, scalable cloud foundations.
• Utilize Infrastructure as Code (IaC) and CI/CD pipelines with Azure DevOps.
• Build, deploy, and manage containerized workloads using Azure Kubernetes Service (AKS).
• Configure, monitor, and optimize Azure Virtual Machines (VMs)—including patching, backup, and performance tuning.
• Design and maintain automated disaster-recovery and backup solutions (Azure Backup, Site Recovery, storage replication).
• Implement and manage governance controls such as Azure Policy to ensure compliance with NATO standards.
• Enforce Zero-Trust security principles, including network segmentation, -based access, and logging.
• Manage secure application access for end-users through Azure Application Gateways and load balancers.
• Troubleshoot complex Azure service issues (access, networking, resource management).
• Monitor system health and availability using Azure Monitor, Log Analytics, and Application Insights, configuring automated alerts.
• Maintain comprehensive technical documentation for Azure services, configurations, and workflows.
• Collaborate with IT security, compliance, and engineering teams to ensure cohesive management strategies.
• Contribute to the lifecycle of secure infrastructure modules in coordination with the NATO CTO and CCoE.
• Identify and implement automation improvements that enhance efficiency and security.
• Drive continuous improvement, evaluating new Azure capabilities, DevOps tools, and security enhancements.
• Support operational readiness by creating runbooks and knowledge-transfer materials for support teams.
As an employee of geocgi, the DevSecOps Engineer will have access to a generous benefits package, in addition to a corporate culture and community of GIS geeks. Our benefits include but are not limited to:
• Competitive salaries, commensurate with experience and leading Federal Contractors in the geospatial industry.
• Opportunities for upward mobility in a dynamic fast paced environment within a small company.
• Merit-based spot and end of year bonuses.
• Safe Harbor 401(k) plan with immediate vesting.
• Flexible work hours and PTO.
• Complete Medical, Dental, and Vision coverage for individuals.
• Company paid training, certifications, and professional growth and development.
The following are requirements of the DevSecOps Engineer:
• U.S. and Active U.S. Passport.
• DoD Secret Security Clearance or NATO Secret Clearance required.
• 5 years of experience with a bachelor’s degree in computer science, IT or related field; or 3 years of experience with a master’s degree; or 2 years of experience with a PhD.
• Willingness and ability to work Central European Time (CET).
• Deep understanding of Microsoft Azure IaaS/PaaS environments.
• Experience designing and deploying landing zones using IaC and CI/CD pipelines.
• Proficiency with Azure Kubernetes Service (AKS) and Azure DevOps.
• Skilled in managing Azure VMs, load balancers, Application Gateways, and network configuration.
• Knowledge of security-by-design, governance, and compliance frameworks (Zero Trust, Azure Policy).
• Strong analytical and troubleshooting ability for complex Azure environments.
• Excellent written and verbal communication; ability to produce documentation and train end-users.
• Collaborative mindset with experience working in Agile/DevOps teams.
• Exceptional attention to detail and organizational discipline managing multiple tasks.
• Full professional proficiency in English (French proficiency an advantage).
• Other: Willingness to travel occasionally to NATO offices (e.g., Brussels or Braine-l’Alleud) for onboarding or periodic reviews.
The annual base salary range for this position is anticipated to be $95,000-$120,000 USD. The listed salary range represents our good faith estimate for this position. Please note that the salary information is a general guideline only. Geocgi considers factors such as (but not limited to) scope and responsibilities of the position, candidate’s education & work experience, training & certifications, and key skills as well as market and business considerations at the time of the offer.
Please visit our website and careers page at: www.geocgi.com to apply. Geocgi provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to , , , , , , status, genetics, protected veteran status, , or expression, or any other characteristic protected by federal, state, or local laws.