About the position
Shift5 is seeking a Cloud Engineer (On-Prem) to join their team and focus on building and maintaining a hybrid computing infrastructure for the Research organization. The role involves maintaining an intranet composed of on-prem servers and AWS services, procuring hardware, configuring core infrastructure, and managing enclaves with hardware-in-the-loop (HIL) labs. The engineer will also be responsible for supporting remote users utilizing Tailscale for VPN access and managing accounts with SSO. The position reports to the Senior Director of Platform Security and offers the opportunity to work with a collaborative team of cyber security experts in a rapidly growing data and cybersecurity scale-up.
Responsibilities
- Building and maintaining a hybrid computing infrastructure in support of the Research organization
- Maintaining an intranet composed of on-prem servers and AWS services
- Specifying and procuring hardware
- Installing and configuring core infrastructure
- Managing enclaves with hardware-in-the-loop (HIL) labs
- Utilizing and developing automation solutions for site deployments with tools like Ansible
- Software development for middleware to integrate services and automate tasks
- Supporting remote users utilizing Tailscale for VPN access and accounts managed with SSO
- Designing, implementing, and managing secure enclaves for engaging cyber threats
- Collaborating with Software Reverse Engineers, Product Security Engineers, Cyber Threat Intelligence Analysts, and Cyber Threat Engineers
- Conducting research on defending critical national infrastructure, weapons platforms, and logistics
- Reporting directly to the Senior Director of Platform Security
- Developing automation tools to enhance existing infrastructure
- Providing basic administration services to a small team of expert technologists
- Exploring and evaluating best-fit software solutions
- Building and deploying Docker images for various services
- Running sites delivered over Tailscale VPN
- Developing and maintaining middleware written in Go, Python, or other preferred languages
- Managing Gitlab-EE and Gitlab-Runners
- Building CI/CD pipelines, preferably with Gitlab-CI
- Building new and unique infrastructure solutions for Cyber Threat Engineers & Analysts, Reverse Engineers, and Product Security Engineers
- Utilizing various AWS services, such as Secrets Manager, EC2, Security Groups, Load Balancers, and more
- Maintaining documentation for operating and troubleshooting the on-prem infrastructure
- Utilizing Linux systems from the command line
- Writing and utilizing Ansible playbooks, roles, and plugins
- Writing bash scripts
- Configuring network firewalls to establish VLANs and manage other basic network security aspects
- Configuring network equipment such as routers, switches, and firewalls
- Possessing strong software development proficiency with Python for maintaining and troubleshooting internally developed software
- Possessing a minor software development proficiency with JavaScript and PHP for troubleshooting 3rd party software issues
- Having basic experience operating self-hosted and cloud computing environments, on-premise servers and network equipment, remotely accessible enclaves and HIL labs, intranets hosting FOSS and commercial web services, and in-house developed middleware and services for infrastructure tasks.
Requirements
- Strong ability to utilize Linux systems from the command line
- Ability to write and utilize Ansible playbooks, roles, and plugins
- Ability to write bash scripts
- Ability to configure network firewalls to establish VLANs and manage other basic network security aspects
- Ability to configure network equipment such as routers, switches, and firewalls
- Possess strong software development proficiency with Python for the purpose of maintaining and troubleshooting internally developed software
- Possess a minor software development proficiency with JavaScript and PHP for the purpose of troubleshooting 3rd party software issues
- Basic experience operating and troubleshooting on-prem infrastructure
Benefits
- Competitive salary and stock options in a fast-growing startup
- Employer-paid medical, dental, and vision coverage for employees and their families
- Health Savings Account with annual employer contributions
- 401k with employer contributions
- Employer-paid Life Insurance
- Uncapped paid time off policy
- Flexible work & remote work policy
- Tax-deferred public transit benefits with Metro SmartBenefits (DC/MD/VA)
- Inclusive culture that embraces diversity and belonging
- Equal opportunity employment without discrimination based on race, color, religion, sexual orientation, gender identity, national origin, disability, age, marital status, ancestry, protected veteran status, or any other protected group or class.