Senior Platform Engineer/Kubernetes SME

About The Position

Requirements

• 12+ years of Software Engineering experience with 5–8+ years in platform/SRE roles operating production Kubernetes at scale; strong multi‑cluster and GitOps (Argo CD/Flux) experience
• Hands‑on with Istio/Envoy, Cilium (NetworkPolicy, eBPF), Ingress/Gateway API, and cluster networking (DNS, L7/L4)
• Controller/operator development using Go (Kubebuilder/Operator SDK) or TypeScript‑based frameworks; CRD design/versioning
• Observability: Prometheus, OpenTelemetry, Fluent Bit/OpenSearch; incident response and performance tuning
• Security: mTLS, OIDC, JWT, OPA/Gatekeeper/Kyverno (or equivalent), image signing, SBOM, CVE remediations
• Active Top Secret clearance with SCI eligibility

Nice To Haves

• Experience in air‑gapped or classified environments; package and deploy with tools that support disconnected sites
• Exposure to Kubernetes Gateway/Envoy Gateway, egress control, and sidecar injection strategies
• Prior VV&A support for modeling & simulation platforms
• Ability to work across Unclassified → Secret → TS/SCI/SAP environments

Responsibilities

• Own the design, build, and operations of a modular, API‑first platform that abstracts infrastructure from simulation software
• Lead multi‑cluster Kubernetes, service mesh, security hardening, and observability to support hundreds of users and tens of thousands of entities across connected and air‑gapped environments
• Design and operate multi‑cluster Kubernetes environments (control/data/CI/observability planes) with strong isolation and zero‑trust defaults
• Implement service mesh (e.g., Istio) for mTLS, traffic control, and fine-grained AuthorizationPolicy; manage ingress (Gateway/VirtualService) and east‑west policies
• Author and maintain platform CRDs and controllers/operators to reconcile developer intent into runtime objects (namespaces/cells, Deployments/Jobs, Services, policies, gateways)
• Integrate network policy (eBPF/Cilium), secrets management, RBAC/ABAC, and policy‑driven automation across environments
• Stand up observability (metrics/logs/traces) and SLO monitoring; drive reliability (HA, backup/restore, DR)
• Support air‑gap packaging/delivery and secure software supply chain (images, SBOMs, provenance)

Benefits

• KBR offers a selection of competitive lifestyle benefits which could include 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, disability, paid time off, or flexible work schedule.
• We support career advancement through professional training and development.