Systems Engineer - Container Platform (Primary)

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Systems, Information Technology, or related technical field (relevant certifications and experience may supplement)
• 5-7 years in systems engineering, DevOps, or infrastructure roles
• 3+ years hands-on experience with container platforms (ECS, OpenShift, or Kubernetes) in production environments
• 2+ years working with AWS infrastructure and services
• Experience with container hardening, security scanning, and vulnerability remediation
• Background in federal, DoD, or highly regulated environments (preferred)
• Prior involvement in RMF/ATO processes with container security control implementation
• Container Orchestration: Strong expertise in AWS ECS (tasks, services, capacity providers) OR OpenShift (operators, deployments, routes)
• Container Security: CIS Docker benchmarks, container image scanning tools, runtime security, STIG implementation, secrets management
• Container Networking: Service mesh concepts, ingress controllers, network policies, service discovery
• Infrastructure-as-Code: Terraform or AWS CloudFormation with modules/stacks for container infrastructure
• Image Management: Docker registries (ECR, Harbor), image tagging strategies, vulnerability scanning integration
• CI/CD for Infrastructure: Automated deployment pipelines, GitOps workflows
• AWS Services: VPC, security groups, EC2, ALB/NLB, CloudWatch, Systems Manager, Secrets Manager, IAM
• Monitoring & Logging: Container log aggregation, metrics collection, APM agent deployment
• Scripting & Automation: Python, Bash, or PowerShell for operational automation
• Linux Administration: RHEL/Amazon Linux container host management, security hardening
• Version Control: Git workflows for infrastructure-as-code management
• Understanding of NIST 800-53 security controls applicable to container platforms
• Knowledge of federal container security requirements and STIGs
• Experience implementing defense-in-depth strategies and least-privilege access controls
• Familiarity with RMF documentation requirements (SSP contributions, security control evidence)
• Strong analytical and troubleshooting skills with systematic problem-solving approach
• Attention to detail and commitment to security-first operations
• Effective written and verbal communication for documentation and cross-team collaboration
• Adaptable to fast-paced, deadline-driven environment with changing requirements
• Proactive mindset for identifying and resolving potential issues before they impact operations
• Must be able to pass a government background investigation
• U.S. Citizenship required

Nice To Haves

• AWS Certified Solutions Architect - Associate or Professional
• Certified Kubernetes Administrator (CKA) or Red Hat Certified Specialist in OpenShift
• Experience with service mesh technologies (Istio, AWS App Mesh)
• Knowledge of container vulnerability management platforms (Prisma, Aqua, Twistlock)
• Experience in VA Enterprise Cloud (VAEC)
• Federal government contracting or DoD infrastructure experience

Responsibilities

• Deploy, configure, and manage AWS ECS or OpenShift container orchestration platform in production Federal environment
• Evaluate and harden vendor-supplied container images applying CIS benchmarks, DSTI STIGs, and federal security baselines
• Perform container image scanning and remediate vulnerabilities using tools
• Configure container orchestration including task/service definitions, auto-scaling policies, and lifecycle management
• Implement runtime security controls including container isolation, resource limits, secrets management, and least-privilege IAM roles
• Document container security controls and provide evidence for RMF/ATO security assessment
• Develop and maintain infrastructure-as-code for repeatable container platform deployment
• Build automated deployment pipelines with GitOps workflows for infrastructure change management and audit trails
• Create repeatable, version-controlled infrastructure patterns for scaling
• Develop automation scripts for container platform management, troubleshooting, and routine operations
• Design and implement multi-AZ container deployments with health checks, readiness probes, and self-healing capabilities
• Implement disaster recovery procedures including backup strategies and zero-downtime deployment patterns
• Establish capacity planning and scaling strategies to handle variable workloads serving millions of clients
• Create comprehensive operational runbooks, deployment procedures, and configuration baselines for RMF compliance
• Develop standard operating procedures (SOPs) for routine maintenance, troubleshooting, and incident response
• Collaborate with developers on container deployment requirements and application configurations
• Work with networking team on container networking, load balancer integration, and ingress/egress controls
• Partner with security teams on vulnerability remediation and coordinate with vendor technical teams on container specifications
• Integrate container platform with monitoring solutions (Dynatrace, Splunk, DataDog) for metrics, logging, and tracing

Benefits

• 401(k)
• 401(k) matching up to 4%
• Competitive Pay
• Comprehensive Medical, Dental, and Vision coverage fully paid for employees
• Flexible Schedule
• Paid Time Off
• Full-time and part-time opportunities