At Mass Virtual, we don’t just build virtual reality—we use it to solve real-world problems at scale. From transforming how people train, learn, and operate to pushing immersive technology where it hasn’t gone before, we’re redefining what “work” looks like inside a headset. If you want to create what’s next (not maintain what’s already been done), you’re in the right place.
The DevSecOps Lead Engineer is responsible for establishing and formalizing DevSecOps practices that support secure, consistent, and scalable software delivery across the organization. This role will design and implement baseline standards, tooling, and workflows across the software development lifecycle, integrating security, quality, and operational controls into build, test, and release activities.
As the organization evolves its development and delivery capabilities, the DevSecOps Lead Engineer will work closely with Developers, IT Operations, Cyber Security, and Program teams to standardize development pipelines, improve build and release consistency, and ensure software deliverables meet internal, customer and government requirements. This role requires a hands-on leader who can define foundational practices while enabling teams to deliver efficiently and reliably.
DevSecOps Practice Establishment • Design and implement DevSecOps practices, standards, and operating procedures
Establish baseline development, build, test, and release workflowsDefine roles, responsibilities, and handoffs across Development, Cyber Security, and OperationsEnsure practices are scalable and adaptable as delivery needs evolveDevelopment Pipeline Design & Governance • Establish standardized build and deployment pipelines
Define versioning, artifact management, and release traceability requirementsEnsure pipelines support repeatable, auditable builds for customer and government deliverablesPromote consistency across development environments and deployment targetsSecurity Integration • Integrate security controls into the software development lifecycle, including code analysis, dependency review, and build validation
Define secure development standards and baseline controlsPartner with Cyber Security teams to align development practices with organizational security requirementsEnsure security findings are tracked, prioritized, and addressed in a timely mannerConfiguration & Release • Coordinate with Configuration Management to ensure software builds align with approved baselines and configurations
Ensure release artifacts are properly versioned, documented, and traceableSupport release readiness reviews and deployment approvalsTooling & Automation • Evaluate, select, and implement tools to support build, test, validation, and deployment activities
Drive appropriate automation to improve consistency, efficiency, and reliabilityEstablish metrics to assess pipeline health, delivery performance, and complianceDocumentation & Standards • Create and maintain documentation for DevSecOps standards, workflows, and pipelines
Ensure documentation is accurate, current, and audit readyDevelop guidance and onboarding materials for development teamsMonitoring & Reporting • Track and report on pipeline performance, build outcomes, and security-related findings
Provide visibility into release readiness, delivery risks, and improvement opportunitiesSupport internal reviews, customer engagements, and government assessmentsPreferred Tooling Experience
GitHub ActionsAzure DevOps PipelinesTerraform Cloud PipelinesAnsiblePackerContainerization & Orchestration
DockerKubernetesOpenShiftSecurity Tooling
SonarQubeTrivyMonitoring
PrometheusGrafana