Senior AWS Platform Engineer

About The Position

Requirements

• U.S. citizenship and the ability to obtain a government clearance.
• At least a bachelor's degree in computer science or a related field (or equivalent experience).
• AWS CloudOps Engineer- Associate Certification.
• 8+ years of progressive professional software engineering experience or DevOps experience.
• 5+ years of expert-level AWS Kubernetes experience with EKS (Rancher-managed), EC2 (spot + reserved instances), VPC networking, IAM, Security Groups, Transit Gateway, and cost-optimized SaaS infrastructure on AWS.
• Deep expertise building and operating production CI/CD platforms at scale, including on-call support and incident response.
• Expert-level Kubernetes and CI/CD experience, including Actions Runner Controller (legacy + new gha-runner-scale-set), Helm, ephemeral runners, Docker-in-Docker, Kaniko, and GitHub Enterprise (ghe.com).
• Strong IaC and automation skills with Terraform, Helm, Kubernetes manifests, and GitOps workflows.
• A strong security-first mindset with hands-on experience implementing cybersecurity best practices in SaaS and hybrid cloud environments.
• Proven experience successfully working with CI/CD, container platforms, and workloads in AWS EKS (Nutanix NKP experience is a big plus).
• Strong experience with Python for writing scripts and debugging.
• Familiarity with Agentive Artificial Intelligence in Engineering
• Excellent written and verbal communication skills; you can explain complex technical concepts to engineers and non-engineers.
• A demonstrated ability to balance speed and quality; you ship fast without sacrificing long-term maintainability.

Nice To Haves

• AWS DevOps Engineer - Professional certification.
• Experience with Nutanix Kubernetes Platform (NKP), or Prism Central.
• Familiarity with Harbor Registry (RBAC, robot accounts, garbage collection).
• Experience with air-gapped or restricted network deployment.
• Python or Go scripting for automation.
• A background in FinTech or regulated SaaS environments.

Responsibilities

• Lead the design, provisioning, and ongoing maintenance of production-grade AWS EKS clusters (Rancher-managed) using Infrastructure as Code.
• Own the reliability, availability, performance, and security of production cloud services, including participation in an on-call rotation and off-hours incident response.
• Architect, deploy, and scale Actions Runner Controller (both legacy and the new GitHub-supported gha-runner-scale-set) on AWS EKS with ephemeral runner pods, autoscaling, and GitHub App-based authentication.
• Champion cybersecurity best practices across the entire platform, including least-privilege IAM, pod security policies, network policies, secrets management, vulnerability scanning, and compliance controls.
• Optimize container image building pipelines (Docker-in-Docker →Kaniko) and manage internal registries (Nexus, Harbor) to support our SaaS delivery platforms.
• Write and maintain Terraform, Helm, and Kubernetes manifests for EKS, networking, node pools, storage, and CI/CD components while driving GitOps practices.
• Help design and manage hybrid networking between AWS EKS and on-prem Nutanix environments, including VLANs, routing, Load Balancer services, and secure egress to GitHub Enterprise and other SaaS services.
• Instrument Prometheus/Grafana stacks, monitor runner pod lifecycle, build performance, and cluster resource utilization while implementing proactive scaling.

Benefits

• health, dental, and vision coverage
• a Health Savings Account plan
• a 401(k) plan with a generous employer match
• an unlimited PTO policy
• seven company holidays
• a week-long break at the end of each year