Associate DevOps Engineer

Raft Company Website•Aberdeen, MD

16d•$120,000 - $160,000•Hybrid

About The Position

Raft builds mission-critical data, AI, and operational platforms that support time-sensitive decisions across multiple classification levels and deployment environments. Our systems move from cloud-hosted development environments into classified, on-premises, and edge deployments where reliability, security, and repeatability matter. As an Associate DevOps Engineer, you will help secure, deploy, and operate the platforms behind [R]DP, [R]AP, [R]AIMS, and Raft’s MLOps workflows. This is not a narrow infrastructure role. You will learn how the software works, how data moves through the platform, how Kubernetes workloads behave in production, and how security controls become part of everyday delivery rather than an after-the-fact checklist. What makes this role different is the breadth of what you’ll be exposed to. CI/CD, GitOps, Kubernetes, Helm charts, observability, secure configuration, data pipelines, ML serving, and customer deployments all show up in the same workstream. You will work alongside experienced platform, software, data, and security engineers while taking ownership of well-scoped work. The right person is curious, disciplined, willing to troubleshoot deeply, and ready to grow into broader platform ownership over time.

Requirements

1 to 3 years of hands-on experience in DevSecOps, DevOps, platform engineering, cloud infrastructure, systems administration, cybersecurity engineering, or a closely related role
Working familiarity with Linux, containers, Docker, and Kubernetes concepts, including pods, services, deployments, config maps, secrets, ingress, and basic troubleshooting
Experience building, running, or supporting CI/CD pipelines; exposure to GitLab CI, GitHub Actions, Jenkins, Argo CD, Flux, or similar tools
Exposure to Infrastructure as Code or configuration management with Terraform, Ansible, Helm, Kustomize, or similar tooling
Understanding of foundational security practices such as least privilege, vulnerability management, container image scanning, secrets handling, secure configuration, and auditability
Ability to read application logs, inspect runtime configuration, use command-line tooling, and follow evidence to root cause
Basic scripting or programming ability in Go, Java, Python, Bash, or a comparable language
Interest in data platforms, streaming systems, MLOps, and operational AI/ML workloads; prior exposure to Kafka, Flink, KServe, Kubeflow, or Ray is a plus
Strong written communication and willingness to document work clearly for teammates, customers, and future operators
Active Secret clearance required; must be eligible for and willing to obtain a Top Secret/SCI clearance
Ability to obtain Security+ certification within the first 90 days of employment
Ability to travel up to 30%

Nice To Haves

Hands-on experience deploying applications with Helm or Kustomize in a Kubernetes environment
Exposure to GitOps workflows and continuous delivery across multiple environments
Familiarity with AWS or Azure fundamentals including IAM, networking, storage, compute, and managed Kubernetes services
Exposure to service mesh technologies such as Istio, including mTLS, traffic routing, and observability concepts
Familiarity with security and compliance frameworks used in government delivery, including RMF, STIGs, FedRAMP, NIST 800-53, and IL4/IL5/IL6 controls
Experience supporting air-gapped, disconnected, classified, or resource-constrained deployments
Exposure to SBOMs, SCA, SAST, DAST, container scanning, admission control, OPA/Gatekeeper, Kyverno, Sigstore, or similar supply chain security tooling
Existing TS/SCI clearance strongly preferred

Responsibilities

Implement, maintain, and troubleshoot Kubernetes-based platform infrastructure under the guidance of senior engineers
Build and maintain CI/CD and GitOps workflows using tools such as GitLab CI, Argo CD, Flux, Helm, and repository-managed deployment configuration
Support secure software delivery practices including container hardening, vulnerability scanning, image provenance checks, secrets hygiene, and policy-driven deployment gates
Help operate cloud, on-premises, and disconnected deployments across AWS, Azure, data center, and tactical environments
Deploy and debug services, Helm charts, service mesh configuration, Kubernetes networking, storage, and runtime behavior
Support observability across Prometheus, Grafana, Fluent Bit, Loki, Kibana, OpenTelemetry, or similar tooling so issues can be detected and resolved quickly
Work with software and data engineers to understand service dependencies, data flows, and operational failure modes
Support data and MLOps workloads that may include Kafka, Flink, Pinot, KServe, Kubeflow, Ray, GPU-enabled workloads, and model-serving workflows
Write maintainable automation and small tools in Go, Java, Python, Bash, or similar languages to reduce manual effort and improve repeatability
Contribute to compliance-driven delivery practices aligned with RMF, STIGs, NIST 800-53, IL4/IL5/IL6, and customer-specific security requirements
Document operational procedures, deployment notes, troubleshooting steps, and lessons learned in a way other engineers can reuse