About the position
Shift5 is seeking an Infrastructure Engineer to join their team and focus on building and maintaining a hybrid computing infrastructure to support the Research organization. The role involves managing an intranet composed of on-prem servers and AWS services, procuring hardware, configuring core infrastructure, and managing enclaves with hardware-in-the-loop (HIL) labs. The engineer will also be responsible for supporting remote users utilizing Tailscale for VPN access and managing accounts with SSO. The position reports to the Senior Director of Platform Security and the team consists of various cybersecurity experts.
Responsibilities
- Building and maintaining a hybrid computing infrastructure in support of the Research organization
- Maintaining an intranet composed of on-prem servers and AWS services
- Specifying and procuring hardware
- Installing and configuring core infrastructure
- Managing enclaves with hardware-in-the-loop (HIL) labs
- Utilizing and developing automation solutions for site deployments with tools like Ansible
- Software development for middleware to integrate services and automate tasks
- Supporting remote users utilizing Tailscale for VPN access and accounts managed with SSO
- Designing, implementing, and managing secure enclaves for engaging cyber threats
- Collaborating with Software Reverse Engineers, Product Security Engineers, Cyber Threat Intelligence Analysts, and Cyber Threat Engineers
- Conducting research on defending critical national infrastructure, weapons platforms, and logistics
- Reporting directly to the Senior Director of Platform Security
- Developing automation tools to enhance existing infrastructure
- Providing basic administration services to a small team of expert technologists
- Exploring and evaluating best-fit software solutions
- Building and deploying Docker images for various services
- Running sites delivered over Tailscale VPN
- Developing and maintaining middleware written in Go, Python, or other preferred languages
- Managing Gitlab-EE and Gitlab-Runners
- Building CI/CD pipelines, preferably with Gitlab-CI
- Building new and unique infrastructure solutions for Cyber Threat Engineers & Analysts, Reverse Engineers, and Product Security Engineers
- Utilizing various AWS services, such as Secrets Manager, EC2, Security Groups, Load Balancers, and more
- Maintaining documentation for operating and troubleshooting the on-prem infrastructure
- Utilizing Linux systems from the command line
- Writing and utilizing Ansible playbooks, roles, and plugins
- Writing bash scripts
- Configuring network firewalls to establish VLANs and manage other basic network security aspects
- Configuring network equipment such as routers, switches, and firewalls
- Possessing strong software development proficiency with Python for maintaining and troubleshooting internally developed software
- Possessing a minor software development proficiency with JavaScript and PHP for troubleshooting 3rd party software issues
Requirements
- Strong ability to utilize Linux systems from the command line
- Ability to write and utilize Ansible playbooks, roles, and plugins
- Ability to write bash scripts
- Ability to configure network firewalls to establish VLANs and manage other basic network security aspects
- Ability to configure network equipment such as routers, switches, and firewalls
- Possess strong software development proficiency with Python for the purpose of maintaining and troubleshooting internally developed software
- Possess a minor software development proficiency with JavaScript and PHP for the purpose of troubleshooting 3rd party software issues
- Basic experience operating and troubleshooting on-prem infrastructure
- Experience with Docker image building and deployment
- Familiarity with Tailscale VPN
- Proficiency in Go or other preferred languages for middleware development
- Experience managing Gitlab-EE and Gitlab-Runners
- Knowledge of CI/CD pipelines, preferably with Gitlab-CI
- Familiarity with various AWS services such as Secrets Manager, EC2, Security Groups, Load Balancers, etc.
- Strong documentation skills for operating and troubleshooting on-prem infrastructure
Benefits
- Competitive salary and stock options in a fast-growing startup
- Employer-paid medical, dental, and vision coverage for employees and their families
- Health Savings Account with annual employer contributions
- 401k with employer contributions
- Employer-paid Life Insurance
- Uncapped paid time off policy
- Flexible work & remote work policy
- Tax-deferred public transit benefits with Metro SmartBenefits (DC/MD/VA)
- Inclusive culture that embraces diversity and belonging
- Opportunity to work with a collaborative and passionate team of cybersecurity experts
- Opportunity to work on cutting-edge research projects in defending critical national infrastructure
- Opportunity to develop automation tools and enhance existing infrastructure
- Opportunity to explore and evaluate best-fit software solutions
- Opportunity to build and deploy Docker images for various services
- Opportunity to utilize various AWS services
- Opportunity to maintain documentation for operating and troubleshooting on-prem infrastructure
- Opportunity to learn and work with Proxmox and virtualization technologies
- Opportunity to configure computer hardware such as rackmount servers, Single-Board Computers (SBCs), and IoT devices
- Opportunity to work with authentication technologies like OpenIDConnect, SAML, or LDAP
- Opportunity to obtain or hold a US Government Security Clearance.