Senior Infrastructure Engineer

About The Position

Requirements

• Must be a US citizen with the ability to obtain Public Trust Suitability.
• Bachelor's degree or 8 years of relevant experience.
• 6+ years designing, implementing, securing, and maintaining AWS Cloud infrastructure (CAWS, GovCloud, or equivalent).
• 5+ years of experience with Terraform (advanced modules, state management, policy enforcement).
• 5+ years' operating Kubernetes/EKS clusters, provisioning, scaling, networking, and Helm lifecycle management.
• 5+ years of infrastructure experience related to network security.
• Strong networking foundation: TCP/IP, DNS, DHCP, TLS, routing, subnetting, NACLs, and endpoint connectivity.
• Proficient scripting/automation using Python or Bash, YAML/JSON templating, and Git-based workflows.
• Experience in security compliance environments (FedRAMP, FISMA, NIST 800-53) and supporting ATO documentation.
• Demonstrated ability to collaborate cross-functionally with Security, DevSecOps, and CI/CD teams to maintain compliant, auditable infrastructure.
• Strong communication skills with the ability to interface effectively with stakeholders from engineers to senior management.

Responsibilities

• Design, build, and maintain Infrastructure-as-Code using Terraform (modules, S3/DynamoDB remote state, OPA/tfsec policy integration).
• Provision, upgrade, and manage EKS clusters, including namespaces, Helm-based add-ons (cert-manager, ESO, Confluent Operator), and IAM roles for service accounts.
• Design, configure, and troubleshoot AWS VPC networking, including routing, TGWs, DNS, DHCP, endpoints, NACLs, and security groups.
• Implement and secure microservices on EKS with proper connectivity to AWS services (S3, ECR, Secrets Manager, IAM).
• Automate infrastructure deployments using GitHub Actions (or self-hosted runners), cross-account IAM role assumptions, and CI/CD policy gates.
• Collaborate with security and applications teams to enforce least-privilege IAM, automate compliance evidence collection, and support RMF/ATO documentation.
• Diagnose and resolve complex issues spanning containers, Kubernetes networking, and AWS layers (VPC – Zscaler - C-TIPS - SaaS endpoints).
• Support observability, logging, and monitoring through integration with Elastic, ScienceLogic, or AppDynamics to meet SLA and audit requirements.
• Mentor and guide junior engineers through knowledge sharing, paired engineering, and process standardization.
• Evaluate and improve infrastructure design for policy compliance, resiliency, and performance tuning.
• Develop and maintain SOPs and playbooks that align with program governance.