By Light Professional IT Services LLC is seeking personnel to provide comprehensive support for the Defense Contract Management Agency (DCMA) Facilities Management team in the implementation and sustainment of a Computer-Aided Facility Management (CAFM) software solution. This engagement, titled “DCMA CAFM SaaS Support Services,” encompasses a base year plus four option years (September 30, 2025 – September 29, 2030), and will facilitate the optimization of facility operations across DCMA’s nationwide and overseas portfolio, totaling over 1.3 million square feet.
Requirements
- Minimum 7 years’ experience in DevOps/DevSecOps roles, with at least 3 years supporting cloud-based (SaaS) solutions in DoD, federal, or critical infrastructure environments.
- Demonstrated expertise in the deployment and administration of secure CI/CD pipelines, container orchestration (e.g., Docker, Kubernetes), and infrastructure-as-code tools (e.g., Terraform, Ansible).
- Experience implementing security automation tools for code analysis, vulnerability scanning, and compliance validation within a DevSecOps workflow.
- Deep knowledge of FedRAMP, NIST 800-53, RMF, and DoD cloud/security controls.
- Hands-on experience with cloud platforms (e.g., AWS GovCloud, Azure Government, or equivalent environments).
- Proficiency with scripting languages (e.g., Python, Bash, PowerShell) and version control systems (e.g., Git, GitLab).
- Familiarity with Section 508 accessibility requirements and secure software supply chain management.
Responsibilities
- Lead the design, implementation, and ongoing management of secure Continuous Integration/Continuous Deployment (CI/CD) pipelines for the DCMA Computer-Aided Facility Management (CAFM) SaaS environment, ensuring rapid, reliable, and secure delivery of software enhancements and patches.
- Enforce DevSecOps best practices to integrate security at every phase of the software development lifecycle by automating vulnerability scanning, code analysis, compliance checks, and remediation processes.
- Collaborate with software developers, cybersecurity analysts, and system administrators to architect highly available, scalable, and compliant cloud-based solutions in accordance with FedRAMP and DoD Security Technical Implementation Guides (STIGs).
- Maintain, monitor, and improve infrastructure-as-code deployments, configuration management, and patch management processes across multiple environments (development, test, staging, production).
- Ensure all systems, services, and tools meet or exceed RMF, NIST 800-53, IL4, and other DoD cybersecurity requirements and support FISMA compliance.
- Automate deployment, monitoring, backup, and disaster recovery strategies to ensure system resilience and business continuity.
- Lead efforts to assess and mitigate risks associated with the software supply chain, open-source software usage, and third-party integrations.
Other
- Bachelor’s Degree in Computer Science, Cybersecurity, Information Systems, Engineering, or a related technical field.
- Master’s Degree in Information Security, Computer Science, or related domain.
- Experience supporting CAFM, asset management, or facilities management SaaS solutions in federal or DoD settings.
- Experience conducting, documenting, and remediating results of Authority to Operate (ATO) packages and other formal system accreditation processes.
- U.S. citizenship required.