Senior Staff DevOps Engineer

IonQ•Denver, CO

3h•$167,808 - $219,704•Hybrid

About The Position

We are looking for a Senior Staff DevOps Engineer to join our Quantum Platform Network Security Engineering Team. You'll be part of a cross-functional team whose mission is to lead IonQ on its journey to build the world's best quantum computers to solve the world's most complex problems. In this role, you will be responsible for leading CI/CD pipeline strategy, deployment automation architecture, release management, and GitOps practices. This role owns the pipeline platform — shared libraries, templates, standards, and tooling — that enables all application teams and infrastructure services to build and deploy through self-service, while collaborating closely with Architecture on IaC standards and with SRE on deployment reliability. The Senior Staff DevOps Engineer is a co-owner of pipeline security and infrastructure security, overseeing responsibility for vulnerability management, artifact scanning, SAST, DAST, and SBOM generation within the CI/CD ecosystem, working jointly with the Senior Cloud Security Engineer on vulnerability program governance and with the Security Operations Engineer on scanning execution. As the primary owner of cross-service release coordination you will be working with Security to enforce vulnerability gates and risk assessments as part of every release cycle. The Senior Staff DevOps Engineer continuously implements AI Ops practices, leveraging AWS Agent Core to design and deploy agentic workflows that automate repetitive pipeline operations, intelligent dependency management, and infrastructure provisioning tasks. The ideal candidate is someone who is a hands-on technical expert who writes pipeline code, builds and debugs deployment automation, develops IaC modules, configures and operates security scanning tooling within pipelines, and operates release tooling daily — driving success through execution, not delegation alone.

Requirements

5 years of hands-on expertise in Pipeline Orchestration (Jenkins, GitLab CI, GitHub Actions) and advanced Git workflows, including experience utilizing GitHub Actions OIDC and Workload Identity Federation.
5 years of practical application in Scripting Languages (Python, Bash, Go).
4 years of direct experience with Infrastructure-as-Code (OpenTofu, Terragrunt, Packer, Ansible).
4 years of demonstrated background in Containerization (Docker, Buildah) and Kubernetes deployment/operations (EKS, Kyverno, Bottlerocket), alongside a proven track record with GitOps practices (Flux, Helm) and artifact management (Artifactory, Nexus, ECR/ACR/GAR).
Technical proficiency integrating pipeline security scanning (SAST, DAST, SCA), container scanning, and IaC validation/testing (Trivy, native OpenTofu test frameworks).
Established background implementing AI Ops and Agentic Frameworks, including AWS Agent Core and LLM-based automation.

Nice To Haves

Bachelor’s degree in Computer Science, Engineering, or equivalent practical experience.
Kubernetes administrator or developer certification (CKA/CKAD).
Experience supporting Event Streaming Platforms (MSK/Kafka, IAM auth, TLS).
Experience with internal developer platforms (Backstage, Port).
Background in platform engineering at scale (100+ developers).
Experience with multi-environment promotion strategies.
Experience with SBOM generation (Syft, CycloneDX), Cosign artifact signing, and supply chain security.
DevSecOps pipeline design and vulnerability management at scale.
Experience with AI Ops, intelligent automation, or agentic AI frameworks for operational tasks.
Experience with AWS Agent Core or equivalent agentic orchestration platforms.

Responsibilities

Own the CI/CD pipeline platform: design, build, and maintain shared pipeline libraries, reusable templates, and standards that enable application teams to configure their own pipeline instances via self-service.
Maintain infrastructure-specific pipelines directly.
Define and implement deployment strategies (blue-green, canary, rolling, feature flags) that minimize deployment risk and enable rapid rollback.
Own end-to-end release management for infrastructure and product services: define versioning strategies, coordinate cross-service releases, manage release trains, and make release go/no-go decisions in partnership with Security (vulnerability gate) and SRE (reliability readiness).
Ensure every release cycle includes a risk assessment checkpoint: vulnerability scan results reviewed, dependency risk evaluated, compliance posture confirmed, and rollback plan validated before production promotion.
Establish and maintain GitOps practices using declarative infrastructure and application definitions stored in version control as the single source of truth.
Develop, test, and maintain IaC modules (OpenTofu modules, Terragrunt configurations, Packer templates, Ansible playbooks, Helm charts, Kustomize overlays) following patterns defined by Architecture.
Build and maintain self-service developer portals, environment provisioning tools, and internal developer platforms that enable developers to trigger deployments and provision environments without DevOps intervention.
Track and report on DORA metrics (deployment frequency, lead time, change failure rate, MTTR) and SDLC health indicators using Jira for sprint velocity, backlog health, and cross-team dependency tracking; identify bottlenecks and drive continuous improvement.
Design, build, and operate agentic workflows using AWS Agent Core to automate repetitive DevOps tasks including pipeline failure triage, dependency update orchestration, environment provisioning, release coordination, and intelligent deployment decision-making.
Continuously identify candidates for agentic automation across daily operations.
Instrument deployments with observability, configure SLO monitoring for pipelines, implement canary analysis and automated rollback, and participate in incident response.