Senior Platform Engineer

Cox EnterprisesAtlanta, GA
$101,500 - $169,100Hybrid

About The Position

Cox Automotive’s Engineering & Technology organization is building a centralized Enterprise AI Integration Platform — the governed infrastructure layer that allows every team in the organization to connect AI agents (Claude, Copilot Studio, Claude Code) to enterprise data sources in a secure, observable, and self-service way. This Senior Platform Engineer will own the technical implementation of that platform: the central AI gateway server, the on-demand connector provisioning engine, the identity-driven session layer, and the observability stack that gives the organization full visibility into every AI tool call made against production data. This is one of a small number of roles at Cox Automotive working at the intersection of enterprise infrastructure engineering and Model Context Protocol (MCP) — the protocol rapidly becoming the standard interface between AI agents and enterprise systems. The work is novel, the surface area is broad, and the organizational impact is significant.

Requirements

  • Bachelor’s degree in a related discipline and 4 years’ experience in a related field. The right candidate could also have a different combination, such as a master’s degree and 2 years’ experience; a Ph.D. and up to 1 year of experience; or 16 years’ experience in a related field
  • Python development (4+ years) with advanced async/await patterns, FastAPI, multiprocessing, and production performance optimization
  • Model Context Protocol (MCP) — hands-on implementation experience with MCP servers, tool definitions, and client integration patterns; ability to read and extend the protocol specification independently
  • AWS platform depth: ECS Fargate task lifecycle management, ElastiCache Redis (TLS, clustering, eviction policies), Secrets Manager, Route 53, ALB (sticky sessions, TLS termination), ECR, Aurora Postgres, SSM Parameter Store, CloudWatch, Kinesis Firehose
  • Microsoft Entra ID / Azure AD integration: OIDC federation, group membership extraction via Graph API or JWT claims, RBAC pattern implementation
  • Database integration and optimization: Oracle, PostgreSQL, Snowflake, SQL Server — including connection pooling, query optimization, and schema introspection
  • Distributed systems patterns: circuit breakers, retry with exponential backoff, bulkhead isolation, Redis-backed distributed state, graceful degradation
  • Container platform: Docker multi-stage builds, ECS task definitions, non-root container security, health endpoint implementation
  • REST API security: JWT validation, rate limiting, input validation, PII detection and masking
  • Observability: structured JSON logging, Prometheus client instrumentation, distributed tracing concepts, CloudWatch Logs Insights
  • Version control and CI/CD (Git, GitHub Actions, automated testing pipelines)

Nice To Haves

  • High-concurrency MCP server development with proven experience supporting enterprise-scale concurrent sessions
  • Snowflake advanced optimization: warehouse sizing, query profiling, result caching, role-based access patterns
  • Infrastructure-as-code with Terraform for AWS resource provisioning
  • On-demand infrastructure provisioning: ephemeral container lifecycle, VPC-internal networking, dynamic credential injection
  • Redis advanced patterns: sliding window rate limiting, distributed quota enforcement, pub/sub for session events
  • Enterprise compliance: audit logging design, data governance patterns, OWASP Top 10 remediation
  • Experience working with AI/LLM platforms, agentic frameworks, or AI developer tooling
  • Familiarity with the MCP ecosystem: Anthropic Claude integration, MCP client patterns in Claude.ai, Claude Code, or Copilot Studio
  • Security best practices including OWASP guidelines and secure coding practices
  • DevOps experience including infrastructure automation and deployment strategies

Responsibilities

  • Design, implement, and optimize the central AI Gateway MCP server — the single governed endpoint through which all AI client connections route, built on FastAPI + uvicorn for high-concurrency enterprise workloads
  • Build and maintain the Redis ElastiCache session layer that binds Microsoft Entra identity to role-resolved MCP tool sets, including token lifecycle management, sliding TTL extension, per-user quota enforcement, and distributed rate limiting
  • Implement the on-demand connector provisioning engine — a system that provisions compute containers with enterprise client drivers, establishes VPC-internal network paths, and retrieves credentials from AWS Secrets Manager automatically when a user’s AI agent declares intent to access a data source
  • Build enterprise system connectors as MCP tool sets: Oracle DB, SharePoint Graph API, Rally, ServiceNow, and a vendor connector approval pipeline with ECR container image scanning and an Aurora-backed connector registry
  • Implement comprehensive automated testing: unit, integration, load testing (1,000+ concurrent users), and chaos testing for connector fault tolerance
  • Build and maintain the full observability stack: structured logging, Prometheus metrics, Kinesis Firehose → OpenSearch indexing, and Grafana dashboards for per-user, per-tool, per-session audit trails
  • Design and implement CI/CD pipelines for all platform components via GitHub Actions, with automated container image builds, ECS task definition updates, and blue/green deployments
  • Own security controls: Entra OIDC token validation, PII masking on all tool responses, WAF rule management, Secrets Manager integration with autorotation, and OWASP-aligned secure API design
  • Maintain and extend the existing Snowflake MCP codebase that forms the foundation of the platform, including session management, RBAC, PII masking, configuration management, and secrets integration modules
  • Develop troubleshooting and diagnostic tools for production support
  • Create documentation, runbooks, and operational playbooks for platform support and maintenance

Benefits

  • health care insurance (medical, dental, vision)
  • retirement planning (401(k))
  • paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO)
  • flexible vacation with pay
  • seven paid holidays
  • up to 160 hours of paid wellness annually
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service