Description
About Us
eSimplicity is a modern digital services company that partners with government agencies to improve the lives and protect the well-being of all Americans, from veterans and service members to children, families, and seniors. Our engineers, designers, and strategists cut through complexity to create intuitive products and services that equip federal agencies with solutions to courageously transform today for a better tomorrow
This position is contingent upon contract award
Responsibilities:
Designing, implementing, and maintaining the DevSecOps toolchain that supports the Salesforce-based MESH platform and its integrations across AWS, Microsoft 365, T-MSIS, MBES/MacFin, and CMS DataConnect
Building and operating CI/CD pipelines using GitHub Actions and Copado that automate build, test, security scanning, deployment, and rollback for both Salesforce and AWS-hosted components
Managing AWS cloud infrastructure using infrastructure-as-code (Terraform, AWS CloudFormation) and configuration management tools (Ansible), in alignment with CMS Cloud governance and FedRAMP Moderate baselines
Implementing observability across the platform using tools such as Splunk, AWS CloudWatch, New Relic, or Dynatrace; building dashboards and alerts for system health, latency, throughput, error rates, and capacity (median, 95th, and 98th percentile)
Automating day-to-day operational tasks (provisioning, patching, configuration, user/access management) using Python, Bash, PowerShell, and AWS APIs to reduce toil and improve repeatability
Partnering with the security team to integrate security gates (SAST, DAST, SCA, container scanning) into pipelines and to remediate vulnerabilities within CMS-defined timeframes
Supporting incident, change, and problem management as part of an integrated Agile delivery team; contributing to root-cause analyses and preventive actions
Maintaining hardened, monitored environments for development, testing, UAT, staging, and production with minimum-downtime deployment strategies and tested rollback procedures
Implementing data backup, retention, and disaster-recovery solutions for both Salesforce and AWS-hosted assets, validated through scheduled restoration tests
Managing user access, secrets, and certificates across CMS IDM/Okta, EUA, AWS IAM, GitHub, and Copado in accordance with least-privilege and zero-trust principles
Documenting architecture, runbooks, deployment procedures, and operational standards in CMS-approved tools (Confluence, Box, GitHub) and ensuring transparency for CMS Product Owners
Coordinating with the CMS Cloud contractor to optimize cloud resource utilization, cost, and adherence to CMS Cloud governance processes
Mentoring engineers on DevSecOps best practices, automation-first design, and continuous-improvement metrics tied to deployment frequency and reliability
Requirements
Required Qualifications:
All candidates must pass public trust clearance through the U.S. Federal Government. This requires candidates to either be U.S. citizens or pass clearance through the Foreign National Government System which will require that candidates have lived within the United States for at least 3 out of the previous 5 years, have a valid and non-expired passport from their country of birth and appropriate VISA/work permit documentation
Bachelor’s degree in computer science, engineering, or related field
8+ years of hands-on DevSecOps experience with AWS cloud architectures, CI/CD pipelines (GitHub Actions), log aggregation (Splunk), monitoring (New Relic), and security tools (Snyk, Tenable Nessus, AWS Security Hub), and release management
Expert knowledge of AWS services (server and serverless), S3 access management, and application configuration
Strong experience with Ansible or Terraform, AWS CloudFormation, Python, Jenkins, Git, and security-scanning tools (Nessus, BurpSuite, OWASP ZAP, etc.)
Hands-on experience implementing infrastructure-as-code across the full stack of development and data analytics environments
Experience with data organization, partitioning strategies, and data retention policies for cloud-based data pipelines
Strong investigative skills with the ability to perform root-cause analysis and impact analysis on proposed changes
Experience with Atlassian Jira and Confluence
Desired Qualifications:
AWS DevOps Engineer Professional certification
AWS Solutions Architect Professional certification
Familiarity with Salesforce DevOps tooling, including Copado
Experience with Kubernetes, container orchestration, and service mesh tooling
Federal Government contracting work experience, particularly with CMS, MACBIS, or other HHS programs
Experience supporting FedRAMP Moderate ATO maintenance and CMS continuous monitoring requirements
Working Environment:
eSimplicity supports a remote work environment operating within the Eastern time zone so we can work with and respond to our government clients. Expected hours are 9:00 AM to 5:00 PM Eastern unless otherwise directed by your manager.
Occasional travel for training and project meetings. It is estimated to be less than 5% per year.
Candidates are expected to participate in on-call rotations, during business hours, and as needed (for high-priority incidents) outside of normal business hours.
Benefits:
eSimplicity offers a comprehensive benefits package, including medical, dental, and vision coverage, 401(k) retirement benefits, paid time off, paid holidays, life and disability insurance, and additional wellness and employee support programs. Eligibility may vary based on employment status and applicable plan terms.
Reasonable Accommodation:
eSimplicity is committed to providing reasonable accommodations to qualified individuals with disabilities during the application and hiring process. Applicants who need assistance or an accommodation should contact Human Resources.
Equal Employment Opportunity:
eSimplicity is an Equal Opportunity Employer, including disability and protected veteran status. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, protected veteran status, disability, or any other legally protected status