GE Vernova is seeking an experienced DevSecOps Engineer to support the successful design, configuration, and deployment of Distributed Energy Resource Management System (DERMS) projects as part of the GridOS® platform. This role will have hands-on technical activities across distributed energy integration workflows, coding, and deployment.

The specialist will play a key role in supporting the DER Gateway component within GridOS - responsible for managing registration, control, and telemetry workflows between DERs, aggregators, and operational control systems. The role spans design collaboration, interface integration, standards alignment, and support across the full project lifecycle including SIT/UAT and go-live readiness.

A DevSecOps Engineer for DERMS embeds automated security guardrails into CI/CD pipelines and grid software. This role safeguards decentralized energy networks like solar, wind, and battery storage—against cyberattacks while ensuring compliance with stringent energy sector standards like IEEE 1547 and NIP/CIP frameworks.

Job Description

Essential Responsibilities:

• Contribute to the deployment of DERMS product utilizing the Software Suite to customer environments to support project use cases and DER planning scenarios.
• Own technical deliverables during the entire lifecycle of the projects.
• Engage throughout the full lifecycle of assigned projects, participating in decisions on architecture, design, and functionality to keep programs on track in terms of budget, time, and customer expectations.
• Work closely with the client to understand their needs and develop strategies tailored to their organization through site assessments.
• Also make standard recommendations on workflow, application, interface, reports, testing and uploads to customers through the implementation process.
• Responsible for go-live readiness and support as well as post-live checkups and will be required to work collaboratively with internal team members and clients to ensure customer satisfaction
• Technical Leadership of the DevOps methodology within the parameters of a project
• Work collaboratively with a strong team of Project Managers, Delivery Managers, Technical Leads, Solution Specialists and global team to provide input on solution architecture based on customer needs solution capabilities along with input into project status, risks and mitigation, scope, and issues
• Help define success criteria and contribute to solution diagrams for the project.
• Document and design client-specific solution deployment requirements, capturing acceptance criteria and necessary features to meet client business needs.
• Collaborate with other members of the Solutions team to expand our solution consulting and delivery practice, build standards of excellence, and continuously deliver innovative solution offerings for clients.
• Threat Modeling & Risk Analysis: Perform continuous threat modeling against edge devices, grid dispatch APIs, and communication gateways.
• Incident Response: Act as a critical bridge between development and security teams, investigating security anomalies, analyzing root causes, and implementing architectural fixes.
• Infrastructure as Code (IaC) Security: Automate the secure provisioning of cloud (AWS, Azure) and on-premises environments by writing and enforcing security compliance policies.
• Pipeline Security & "Shift Left": Embed automated security tests (SAST, DAST, SCA) directly into the CI/CD pipeline to identify vulnerabilities in DERMS code before deployment.
• Identity and Access Management (IAM): Design and manage robust authentication and role-based access control (RBAC) mechanisms for field devices, edge computing nodes, and backend operators.
• Collaborate and contribute to identifying project delivery risks, recommending potential mitigation strategies, in collaboration with Project Manager
• Utilize GE Product knowledge and expertise to drive excellence in execution through continuous improvement, change management (costs base reduction, lead time reduction, productivity improvement, quality improvement, etc)
• Agile mindset and ability to work with one or more Scrum Teams (Region and Global team) to execute and deliver solutions for our customers

Required Qualifications & Experience:

• You hold a diploma, bachelor’s degree in computer science, cyber security or engineering or have the relevant hands-on experience to succeed.
• 7+ years of enterprise application development, deployment, and integration experience in Java, Microsoft .Net, or other enterprise SW development experience. or
• 3+ years of experience in DevOps or DevSecOps, ideally within the smart grid, energy, or IoT sectors.
• DER/Grid Knowledge: Familiarity with grid management standards (IEEE 2030.5, DNP3, IEC 61850) and DER communication protocols.

Strong hands-on experience with:

• AWS, Azure, and / or GCP Cloud Platforms and Technologies.
• RHEL 8+ Linux OS and shell scripting. Puppet, Ansible, Terraform, ArgoCD Docker, Kernel-based VM PostgresSQL, MariaDB, MongoDB Redis, Memcached Nginx, HA Proxy, Apache Python, JSON, YAML, Bash, Git Infrastructure as Code scripting with Terraform, Ansible or cloud native (ARM, Cloud Formation).
• Monitoring tools for statistical analysis and pro-active system tuning such as DataDog. GitHub, CI/CD pipeline design and scheduling with code quality stages spanning the lifecycle of continuous build & quality, continuous deploy, and continuous testing.
• Knowledge of cyber security best practices including authentication protocols, ACL rules, and identity management mechanisms.
• Knowledge of DevSecOps (static, dynamic, artifactory, code scanning). Build and deploy experience of Docker containers using Helm Charts and YAML configurations.
• Deployment and management of securely hardened technology frameworks including Kafka, and Kubernetes.
• Pipeline integration with DevOps Tools such as GIT, Docker, K8 containers, SonarQube, Nexus, Vault, test automation, Fortify, and Twistlock, Gitea, and Jenkins.
• Hands on experience in solution deployment with PDI and ArgoCD technologies.
• Agile/Lean principles such as SCRUM, Kanban, MVP. Windows and Linux Server, SQL Server, Active Directory, Azure Active Directory, and Infrastructure Automation Tools.
• Knowledge of security best practices including authentication protocols, ACL rules, and Identity Management mechanisms.
• Experience working with Azure, Windows and Linux Server, SQL Server, Active Directory, Azure Active Directory, Systems, and Infrastructure Automation Tools
• Excellent analytical skills and must be able to look at situations from different vantage points to make data-driven decisions and solve problems.
• Knowledge of Node.JS and Microservices.
• Knowledge on relational and non-relational databases.
• Triage and debug any issues that arise during testing and production.
• Automate testing across CI/CD and cloud infrastructure management. Knowledge of secure code development.

Desired Characteristics:

• Strong understanding of the utilities industry vertical and what Distributed Energy Resource Managed Solutions (DERMS) are all about.
• Hands on Python enterprise application development experience
• Air gap deployment experience

As GE Vernova is a global organization, working across different time zones, and monitoring, reading and responding to contact outside normal working hours can be expected.

Additional Information