Terraform Jobs

Roles

Terraform Jobs

Overview

Discover top Terraform jobs on Haystack, your go-to IT job board for cloud infrastructure roles. Whether you're an experienced Terraform engineer or just starting your DevOps career, explore the latest Terraform job openings with leading tech companies. Find remote, freelance, and full-time Terraform positions tailored to your skills and advance your career in infrastructure as code today!

AI Software Engineer

Tampa Brass & Aluminum Corp

+24

ABOUT THE ROLE

We are looking for a deeply technical engineer who lives and breathes AI infrastructure - someone who can build, deploy, and scale production LLM systems from bare metal to browser. This is not a prompt-engineering role. We need someone who understands how transformers actually work, can diagnose bottlenecks at the infrastructure level, and builds reliable, observable systems around fundamentally probabilistic models.

You will own the full lifecycle of AI model deployment and play a key role in ensuring seamless CI/CD, infrastructure reliability, security, and performance across our environments.

WHAT YOU’LL DO

Design and operate high-availability LLM inference clusters using vLLM, SGLang, and NVIDIA Triton
Build AI-powered tools and customer-facing products with React frontends and Python/FastAPI backends
Manage Kubernetes clusters (k8s, k3s, RKE2) end-to-end: provisioning, networking, GPU operator configuration, and upgrades
Establish and maintain CI/CD pipelines for model packaging, container builds, and automated deployments
Evaluate, fine-tune, and benchmark open-weight models for specific downstream tasks
Build RAG pipelines and agentic workflows using vector databases and tool-calling frameworks
Instrument infrastructure with monitoring and observability tooling to surface latency, throughput, and resource metrics
Deploy and maintain AI systems in compliance-sensitive environments (CMMC, FedRAMP, ITAR)
Maintain documentation of architectures, configurations, and processes across projects
Track and manage tasks across concurrent projects using Kanban tools (ClickUp, Jira)

REQUIRED SKILLS

AI / ML & Inference

SGLang, vLLM, Ollama, OpenWebUI
NVIDIA Triton Inference Server, NVIDIA NIM, NVIDIA NeMo, TensorRT
CUDA, cuBLAS, cuDNN, NCCL (multi-GPU)
Hugging Face Transformers, LangChain, LlamaIndex
Model quantization: GGUF, AWQ, GPTQ
Fine-tuning: LoRA / QLoRA
LLM architecture: transformers, attention mechanisms, KV cache
RAG pipelines, embeddings, and vector search
Agent frameworks: function calling, tool use
RLHF, DPO, and SFT concepts
Multimodal models (vision + text)
Model benchmarking: MMLU, HumanEval, MT-Bench
AI safety, output filtering, and prompt engineering

Linux & Systems

Linux (Ubuntu / RHEL / SLES), Bash, systemd
Networking fundamentals: iptables, VLAN, BGP
SELinux / AppArmor

Languages & Frameworks

Python, JavaScript / TypeScript, React
FastAPI / Flask, Node.js
REST, WebSocket, and SSE APIs
SQL (PostgreSQL / SQLite), Redis
Vector databases: Milvus, Qdrant, pgvector

DevOps / CI/CD & Infrastructure

Kubernetes (k8s), k3s, RKE2, Helm, Kustomize
Rancher, ArgoCD, Flux CD
Docker / Podman, container registries
Ingress-NGINX / Traefik, cert-manager, MetalLB
GitHub Actions, GitLab CI, Jenkins
Terraform, Pulumi, Ansible
Prometheus, Grafana, OpenTelemetry, ELK Stack
Vault (secrets management)

NICE TO HAVE

Multi-node tensor parallelism and pipeline parallelism
Experience deploying AI in air-gapped or classified environments
Open-source contributions to AI or inference tooling
Distributed systems background (Raft, consensus, replication)
Rust or Go for high-performance tooling
Active DoD security clearance

Principal. Platform Product Owner (onsite)

$107,500/hour - $204,500/hour

RECENTLY POSTED

Date Posted:

2026-03-09

Country:

United States of America

Location:

US-TX-RICHARDSON-C27 ~ 1727 Cityline Dr ~ CITYLINE C27

Position Role Type:

Onsite

U.S. Citizen, U.S. Person, or Immigration Status Requirements:

The ability to obtain and maintain a U.S. government issued security clearance is required. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance

Security Clearance Type:

TS/SCI without Polygraph

Security Clearance Status:

Active and existing security clearance required after day 1

At Raytheon, the foundation of everything we do is rooted in our values and a higher calling – to help our nation and allies defend freedoms and deter aggression. We bring the strength of more than 100 years of experience and renowned engineering expertise to meet the needs of today’s mission and stay ahead of tomorrow’s threat. Our team solves tough, meaningful problems that create a safer, more secure world.

“We have an exciting opportunity for a Principal Platform Product Owner to support one of our premier programs. In this role, you will collaborate with a cross-disciplinary team of platform engineers and systems administrators, driving innovation in ground systems solutions.”.

In this critical role, you will lead the implementation and advancement of DevOps practices, ensuring the seamless integration of cutting-edge tools, cloud technologies, and processes within our program. You will collaborate with a cross-disciplinary team to drive innovation and efficiency in our development, security, and operations functions.

Note This position will be filled onsite at an RTX Facility in Richardson TX.

What You Will Do

Serve as Product Owner for the team, owning the backlog, prioritizing work, and ensuring alignment with program objectives and delivery commitments
Work with the Scrum Master to plan and execute Agile meetings, including sprint planning and Program Increment (PI) execution, to deliver high-quality, cloud-enabled capabilities on schedule
Coordinate delivery and selloff of completed work to customers, ensuring technical acceptance and stakeholder satisfaction
Develop and maintain a technical roadmap that keeps the platform aligned with modern DevOps practices, cloud-native architecture, and relevant COTS solutions
Evaluate emerging technologies, cloud services, and industry trends to continuously improve platform capabilities, security posture, and team effectiveness

Qualifications You Must Have

Typically requires BS/BA Degree in Science, Technology Engineering Math (STEM) in Computer Science, Computer Engineering, Information Technology or Physics and a minimum 8 years of related work experience
Experience with the installation, configuration, and maintenance of RedHat Linux operating systems
Experience with infrastructure automation and configuration management tools such as Terraform, Ansible, and/or Chef
Experience with CI/CD concepts and toolchains (e.g., Jira, Confluence, Jenkins, GitLab, Artifactory, Helm) from a user and integrator perspective
Ability to obtain DOD TS/SCI security clearance is required after day 1. U.S. citizenship is required, as only U.S. citizens are eligible for a security clearance

Qualifications We Prefer

Strong working knowledge in infrastructure of servers, networking, storage, and virtualization technologies in enterprise or mission environments
Effective communication, with the ability to convey complex technical concepts to engineers, customers, and senior leadership
Advanced experience troubleshooting performance, reliability, and availability issues across Linux-based platforms and infrastructure services
Working knowledge of scripting languages such as Python and/or Bash used for automation and operational workflows
Experience designing and delivering solutions within a DevOps framework, including security integration throughout the software lifecycle
Strong AWS experience, including architecture, deployment, and security of services such as EC2, EKS, S3, CloudWatch, IAM, and VPC, with an emphasis on scalability and cost optimization
Container and platform engineering experience using Kubernetes and container runtimes such as Docker or Podman
Working knowledge of integrating CI/CD pipelines and toolchains to support application teams
Experience integrating and supporting COTS and FOSS products in secure or regulated environments
DoD 8570 IAT Level II compliance (e.g., Security+ CE or equivalent)

What We Offer

Our values drive our actions, behaviors, and performance with a vision for a safer, more connected world. At RTX we value: Safety, Trust, Respect, Accountability, Collaboration, and Innovation

Learn More & Apply Now!

Please consider the following role type definition as you apply for this role
Onsite: Employees who are working in Onsite roles will work primarily onsite. This includes all production and maintenance employees, as they are essential to the development of our products

This position requires security clearance. DCSA Consolidated Adjudication Services (DCSA CAS), an agency of the Department of Defense, handles and adjudicates the security clearance process. More information about Security Clearances can be found on the US Department of State government website here:

Location: Richardson, TX

We Are RTX

As part of our commitment to maintaining a secure hiring process, candidates may be asked to attend select steps of the interview process in-person at one of our office locations, regardless of whether the role is designated as on-site, hybrid or remote.

The salary range for this role is 107,500 USD - 204,500 USD. The salary range provided is a good faith estimate representative of all experience levels. RTX considers several factors when extending an offer, including but not limited to, the role, function and associated responsibilities, a candidate’s work experience, location, education/training, and key skills.Hired applicants may be eligible for benefits, including but not limited to, medical, dental, vision, life insurance, short-term disability, long-term disability, 401(k) match, flexible spending accounts, flexible work schedules, employee assistance program, Employee Scholar Program, parental leave, paid time off, and holidays. Specific benefits are dependent upon the specific business unit as well as whether or not the position is covered by a collective-bargaining agreement.Hired applicants may be eligible for annual short-term and/or long-term incentive compensation programs depending on the level of the position and whether or not it is covered by a collective-bargaining agreement. Payments under these annual programs are not guaranteed and are dependent upon a variety of factors including, but not limited to, individual performance, business unit performance, and/or the company’s performance.This role is a U.S.-based role. If the successful candidate resides in a U.S. territory, the appropriate pay structure and benefits will apply.RTX anticipates the application window closing approximately 40 days from the date the notice was posted. However, factors such as candidate flow and business necessity may require RTX to shorten or extend the application window.

RTX is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability or veteran status, or any other applicable state or federal protected class. RTX provides affirmative action in employment for qualified Individuals with a Disability and Protected Veterans in compliance with Section 503 of the Rehabilitation Act and the Vietnam Era Veterans’ Readjustment Assistance Act.

Click on this link to read the Policy and Terms

Platform Systems Engineer - Architect

Leidos

El Segundo, CA, United States

Description

The Digital Modernization Sector has an exciting career opportunity for a Platform Systems Engineer – Architect in El Segundo, CA to support the US Space Force’s Space Systems Command (SSC). This role is instrumental in the development and deployment of mission critical software for space defense, space domain awareness, and enabling data services. This role combines the strategic vision of a solutions architect with the technical depth of cloud/hybrid cloud platform engineering.

Primary Responsibilities

Designing and implementing a modern, integrated cloud/hybrid cloud platform that is both future-proof and aligned with current performance/mission objectives.
Understand multiple components and document the complete architecture of the current cloud/hybrid cloud platform implementation.
Manage the entire technical baseline, including the environment(s) and applications, providing comprehensive recommendations for improving and optimizing the existing solution.
Enabling successful accomplishment of performance objectives for scalability, reliability, security, resiliency, efficiency, and observability.
Document architectures, dependencies, interfaces, workflows, and processes for both technical and non-technical stakeholders.
Collaborate with multiple teams responsible for implementing each component of the cloud/hybrid cloud platform and infrastructure to ensure their alignment with enterprise level objectives and roadmaps, to understand blockers, report status, and collect metrics.
Working closely with stakeholders to understand and translate requirements into detailed architectural designs (i.e., as-is/to-be) that align with strategic goals.
Enabling application, enterprise, and environment engineering teams in development and deployment of solutions that meet performance, security, compliance standards, and industry best practices.
Championing for efficiency, automation, continuous optimization of resources, enhanced platform/cloud services, ensuring seamless interoperability and integration with existing platforms.
Continuously evaluating and recommending existing and emerging tools, technologies, and practices that enhance the cloud and platform capabilities, driving continuous improvement and innovation.
Monitoring and optimizing cloud and platform services to ensure high performance, reliability, and cost-efficiency.
Staying informed about industry trends and emerging technologies to proactively adapt and evolve our architectural strategies.

Basic Qualifications

Requires BS and 12+ years of prior relevant experience or Masters with 10+ years of prior relevant experience, additional years of experience will be accepted in lieu of a degree.
Certification: Active DoD 8570 IAT Level II or higher certification (e.g., Security+).
Familiarity with cloud/hybrid cloud computing platforms and their services within various security domains
Familiarity in designing and implementing large-scale, complex systems that integrate cloud and on-premises platforms with an understanding of storage, compute, and throughput capabilities
Deep understanding of cloud platforms (AWS, Azure, Google Cloud) and cloud-native technologies (containers, Kubernetes, serverless computing).
Strong background in enterprise architecture, systems integration, and hybrid/multi-cloud strategies.
Extensive knowledge of platform services, middleware, and enterprise integration frameworks.
Proficiency in Infrastructure-as-Code (IaC) tools (e.g., Terraform, CloudFormation) and cloud management practices.
Extensive knowledge of cloud security, compliance, and governance.
Active Cloud Solutions Architect Expert certification
US Citizen with an active Top Secret security clearance with SCI eligibility (TS/SCI)

Preferred Qualifications

Master’s degree in computer science, Software Engineering, STEM, or IT from an accredited institution

If you’re looking for comfort, keep scrolling. At Leidos, we outthink, outbuild, and outpace the status quo — because the mission demands it. We’re not hiring followers. We’re recruiting the ones who disrupt, provoke, and refuse to fail. Step 10 is ancient history. We’re already at step 30 — and moving faster than anyone else dares.

Original Posting:

March 23, 2026

For U.S. Positions: While subject to change based on business needs, Leidos reasonably anticipates that this job requisition will remain open for at least 3 days with an anticipated close date of no earlier than 3 days after the original posting date as listed above.

Pay Range:

Pay Range $131,300.00 - $237,350.00

The Leidos pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

About Leidos

Leidos is an industry and technology leader serving government and commercial customers with smarter, more efficient digital and mission innovations. Headquartered in Reston, Virginia, with 47,000 global employees, Leidos reported annual revenues of approximately $16.7 billion for the fiscal year ended January 3, 2025. For more information, visit www.Leidos.com.

Pay and Benefits

Pay and benefits are fundamental to any career decision. That’s why we craft compensation packages that reflect the importance of the work we do for our customers. Employment benefits include competitive compensation, Health and Wellness programs, Income Protection, Paid Leave and Retirement. More details are available at www.leidos.com/careers/pay-benefits.

Securing Your Data

Beware of fake employment opportunities using Leidos’ name. Leidos will never ask you to provide payment-related information during any part of the employment application process (i.e., ask you for money), nor will Leidos ever advance money as part of the hiring process (i.e., send you a check or money order before doing any work). Further, Leidos will only communicate with you through emails that are generated by the Leidos.com automated system – never from free commercial services (e.g., Gmail, Yahoo, Hotmail) or via WhatsApp, Telegram, etc. If you received an email purporting to be from Leidos that asks for payment-related information or any other personal information (e.g., about you or your previous employer), and you are concerned about its legitimacy, please make us aware immediately by emailing us at LeidosCareersFraud@leidos.com.

If you believe you are the victim of a scam, contact your local law enforcement and report the incident to the U.S. Federal Trade Commission.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to sex, race, ethnicity, age, national origin, citizenship, religion, physical or mental disability, medical condition, genetic information, pregnancy, family structure, marital status, ancestry, domestic partner status, sexual orientation, gender identity or expression, veteran or military status, or any other basis prohibited by law. Leidos will also consider for employment qualified applicants with criminal histories consistent with relevant laws.

#Remote

Platform Engineer

BOOZ, ALLEN & HAMILTON, INC.

McLean, VA, United States

The Opportunity:

As a Platform Engineer, you’ll help build and operate the foundational infrastructure behind an enterprise Digital Twin and modeling and simulation platform. You’ll support containerized platforms and deployment pipelines that enable real-time visualization, simulation, and analytics across hybrid cloud and on-prem environments.

Here, you’ll work alongside senior platform, DevOps, and application engineers in a fast-paced, mission-driven environment. You’ll gain hands-on experience supporting systems operating under DoD security and ATO constraints while learning how large-scale digital platforms are built and sustained.

You’ll be building and sustaining critical systems, and have the opportunity to work side by side with our partners to ensure that we keep our platforms reliable, secure, and scalable.

Work with us to use cloud platform technology for good.

Join us. The world can’t wait.

You Have:

2+ years of experience working with containerized applications or platforms
2+ years of experience with Kubernetes fundamentals
2+ years of experience with Docker or OCI containers
Experience working in Linux-based environments
Knowledge of IaC tools, such as Terraform or Helm
Ability to obtain a Secret clearance
Bachelor’s degree

Nice If You Have:

Experience supporting hybrid cloud or on-prem deployments
Knowledge of regulated, government, or DoD environments
Knowledge of container hardening or secure baseline concepts
Secret clearance

Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

Compensation

At Booz Allen, we celebrate your contributions, provide you with opportunities and choices, and support your total well-being. Our offerings include health, life, disability, financial, and retirement benefits, as well as paid leave, professional development, tuition assistance, work-life programs, and dependent care. Our recognition awards program acknowledges employees for exceptional performance and superior demonstration of our values. Full-time and part-time employees working at least 20 hours a week on a regular basis are eligible to participate in Booz Allen’s benefit programs. Individuals that do not meet the threshold are only eligible for select offerings, not inclusive of health benefits. We encourage you to learn more about our total benefits by visiting the Resource page on our Careers site and reviewing Our Employee Benefits page.

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $62,000.00 to $141,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen’s total compensation package for employees. This posting will close within 90 days from the Posting Date.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.

If this position is listed as remote or hybrid, you’ll periodically work from a Booz Allen or client site facility.
If this position is listed as onsite, you’ll work with colleagues and clients in person, as needed for the specific role.

Commitment to Non-Discrimination

All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, local, or international law.

Platform/Orchestration Engineer

MANTECH

USA-MD-Annapolis Junction

MANTECH seeks a highly skilled and motivated Platform/Orchestration Engineer to join our team in Annapolis Junction, MD.

The Platform/Orchestration Engineer will design, modernize, and sustain the critical infrastructure powering our cyber operations. This role involves engineering the future of operational platforms through automation, cloud-native architecture, and DevSecOps principles. You will be responsible for the full lifecycle of mission systems—from physical and virtual networks to the high-level orchestration of containerized environments—ensuring our operators have high-performance, secure, and available tools.

Responsibilities include but are not limited to:

Architecting and maintaining mission platforms, operational planning tools, and visualization interfaces
Leading the transition of legacy systems to commercial, private, and hybrid cloud environments using Kubernetes, KVM/QEMU, VMware, and other emerging technologies
Implementing containerized environments to increase the agility and scalability of cyber capabilities
Performing technical maintenance for mission-critical networks to ensure 24/7 availability and peak performance
Building and maintaining high-fidelity lab environments, simulators, and test ranges to evaluate prototype systems
Providing tier-level support to ensure data, communications, and system health for all range and lab end-users
Utilizing automated orchestration and delivery pathways to manage Infrastructure as Code (IaC) via Terraform and Ansible

Minimum Qualifications:

Bachelor’s Degree with 9+ years of experience; or High School Diploma/GED with 13+ years of experience; or Associate’s Degree with 11+ years of experience; or Master’s Degree with 7+ years of experience; or PhD with 5+ years of experience
Expertise in KVM/QEMU, VMware ESXi, or Hyper-V for managing kernel-level virtualization and emulated hardware
Deep expertise in Kubernetes (K8s) and Docker
Proficiency with automation tools such as Terraform, Ansible, or CloudFormation
Solid understanding of the DoD Risk Management Framework (RMF) and experience using eMASS

Preferred Qualifications:

DoD 8570/8140 IAT Level II or III certification (e.g., Security+, CISSP, or CASP+)
AWS Certified Solutions Architect (Professional or Associate)
Certified Kubernetes Administrator (CKA) or Certified Kubernetes Security Specialist (CKS)
Red Hat Certified Specialist in Virtualization, RHCSA, or RHCE
HashiCorp Certified: Terraform Associate
Bachelor’s or Master’s degree in Computer Science, Cyber Security, or Engineering

Clearance Requirements:

Must have an active TS/SCI CI poly clearance and be a US Citizen.

Physical Requirements:

Must be able to remain in a stationary position 50%.
Must be able to communicate, converse, and exchange information with peers and senior personnel.

Network Engineer

BOOZ, ALLEN & HAMILTON, INC.

Fayetteville, NC, United States

The Opportunity:

A well-designed network is critical to move data and enable agencies to achieve their missions, but how can an organization make sure their network will fit their evolving needs? Crafting the right network with the right equipment and sof tware requires a combination of technical skill and careful planning. That’s why we need an experienced network engineer like you who knows how to develop the exact network the DoD needs.

As a Network Engineer on our team, you’ll use your experience in network design and architecture, system interoperability, OSI model, network transport layers, multi-protocol label switching, gateway protocol, and virtual routing and forwarding to support the nation’s defense and resp ond to evolving adversaries. You’ll troubleshoot and resolve complex network issues, analyze current working infrastructures, and increase security, reliability, and availability for mission-critical network systems.

You’ll apply your expertise in routing and switching, troubleshooting, integration of encryption gear, network design and architecture, system interoperability, IP engineering, network transport layers, multi-protocol label switching, gateway protocol, and virtual routing and forwarding as you join our team of problem-solvers to help the DoD evolve and deploy new capabilities and technologies.

Your knowledge of network protocols, equipment, emerging technology, and configurations will come in handy as you optimize client operations and modernization. Using your experience in key management, sof tware and hardware firewalls, Cisco hardware, Palo Alto firewalls, cloud migration, optical infrastructure networking, virtual routing and forwarding, tactical networks, and SolarWinds, you’ll serve as a t rus ted advisor to clients on mission-critical projects. Using your technical curiosity and knowledge of industry standards, you’ll make an impact on national security missions.

Join us. The world can’t wait.

You Have:

Experience designing, implementing, and maintaining highly available and secure network infrastructure, including routers, switches, firewalls, and VPNs
Experience developing and maintaining network documentation, including topologies, configurations, procedures, and runbooks
Knowledge of TCP or IP stack, routing protocols such as OSPF, BGP, or EIGRP, and switching technologies, including VLANs, STP, or port-channeling
Ability to manage and optimize network monitoring, alerting, and logging systems to ensure proactive identification and resolution of issues
Ability to perform advanced troubleshooting and root cause analysis of complex network performance, connectivity, and security issues across LAN or WAN
TS / SCI clearance
HS diploma or GED
Vendor Certification such as CCNA, CCNP Routing and Switching or Enterprise, JN CIA , or JNCIP Certification
Ability to obtain a Security+ Certification within 60 days of hire date

Nice If You Have:

Experience in network automation using scripting languages such as Python and configuration management tools such as Ansible or Terraform
Experience mentoring junior team members and participating in cross-functional project teams
Experience with Sof tware-Defined Networking ( SDN ) concepts and tools such as Cisco ACI or SD-WAN
Experience with network security best practices and technologies, including Next-Generation Firewalls such as Palo Alto, Cisco ASA, or Juniper SRX and VPN solutions
Ability to clearly articulate complex technical issues to both technical and non-technical stakeholders
Ability to work independently and manage multiple priorities in a fast-paced environment
Ability to pay strict attention to detail
Possession of excellent problem-solving and analytical skills

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information ; TS/SCI clearance is required.

Compensation

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $77,500.00 to $176,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen’s total compensation package for employees. This posting will close within 90 days from the Posting Date.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.

If this position is listed as remote or hybrid, you’ll periodically work from a Booz Allen or client site facility.
If this position is listed as onsite, you’ll work with colleagues and clients in person, as needed for the specific role.

Commitment to Non-Discrimination

Senior AWS DevOps Engineer

Onsite in Milpitas, CA Profitable, Series C FinTech Startup - AWS, Terraform, Docker, Kubernetes, Active Directory

This Jobot Job is hosted by: Caitlyn Hardy
Are you a fit? Easy Apply now by clicking the “Apply” button and sending us your resume.
Salary: $165,000 - $200,000 per year

A bit about us:

We’re a mission-driven fintech company building technology that helps millions of workers access the money they’ve already earned - when they need it most. Our platform integrates with employers and payroll systems to provide real-time wage access and financial wellness tools that reduce reliance on payday loans, overdraft fees, and other costly alternatives. Founded in Silicon Valley, our team is focused on using modern payment infrastructure and scalable cloud platforms to solve real financial challenges for everyday workers.

We are seeking a Senior AWS DevOps & Cloud Security Engineer to own and drive the security, production infrastructure, and DevOps automation across our AWS environment.

This is a critical role where you will be directly responsible for:

Designing and securing cloud infrastructure.
Managing production-grade systems at scale.
Leading DevOps practices across CI/CD, monitoring, and infrastructure automation.

This position is onsite in Milpitas, CA.

Why join us?

Company sponsored Health, Dental, and Vision insurance
Health, Dental and Vision Reimbursement account
401K, traditional, and Roth with a company match
Tuition Assistance or Tuition Reimbursement
Unlimited Paid Time off
Monthly Gym Reimbursement
Paid time off to volunteer
Paid Family Leave
Complimentary office lunches
Opportunity to work with a great team committed to making a difference.

More!

Job Details

Responsibilities:

Own and maintain the security posture across AWS accounts, environments, and production workloads.
Design and operate scalable, highly available, and secure AWS infrastructure.
Manage Active Directory integration with AWS IAM, supporting access for EC2, EKS, and applications.
Lead DevOps initiatives including CI/CD pipelines, Infrastructure as Code (IaC), version control, and automated deployments.
Administer and secure Windows Server and IIS workloads hosted in AWS.
Deploy and manage containerized applications using Docker and EKS.
Establish and enforce cloud governance and compliance standards (CIS, NIST, HIPAA).
Implement monitoring and observability solutions including logging, metrics, alerting, and dashboards.
Build automation tools and scripts to streamline operations and improve reliability.
Participate in on-call rotations, incident response, and root cause analysis.
Optimize cloud environments for performance, availability, and cost efficiency.

Required Skills & Qualifications

7+ years of experience in DevOps, Infrastructure, or Cloud Engineering roles.
Strong AWS expertise across EC2, VPC, IAM, RDS, S3, Systems Manager, KMS, GuardDuty, CloudWatch, Config, CloudTrail, etc.
Proven experience in cloud security, including IAM governance, least privilege policies, and secrets management.
In-depth experience with Active Directory, including IAM-AD integration and federated authentication.
Production experience with Docker (4+ years) and Amazon EKS/Kubernetes.
Strong scripting skills: PowerShell (primary), Bash, or Python.
CI/CD pipeline experience using Azure DevOps (VSTS/TFS), GitHub Actions, or Jenkins.
Experience with Infrastructure as Code (IaC) tools like Terraform, CloudFormation, or Pulumi.
Hands-on experience with Windows Server IIS, .NET/C# applications, and SQL Server.
Proficiency in monitoring and APM tools such as Datadog, Dynatrace, AppDynamics, Site24x7.
Solid understanding of networking: DNS, Load Balancing, SSL/TLS, VPC, routing, firewalls.

Preferred Qualifications

AWS Certifications: DevOps Engineer - Professional, Security - Specialty, or Solutions Architect - Professional.
Experience with secrets management tools: AWS Secrets Manager, SSM Parameter Store, or HashiCorp Vault.
Familiarity with Zero Trust, SSO, SAML, and OIDC-based authentication models.
Knowledge of cost optimization strategies using AWS Cost Explorer, Trusted Advisor, and Savings Plans.
Experience working in regulated industries (e.g., healthcare, finance, or government).

Interested in hearing more? Easy Apply now by clicking the “Apply” button.

Jobot is an Equal Opportunity Employer. We provide an inclusive work environment that celebrates diversity and all qualified candidates receive consideration for employment without regard to race, color, sex, sexual orientation, gender identity, religion, national origin, age (40 and over), disability, military status, genetic information or any other basis protected by applicable federal, state, or local laws. Jobot also prohibits harassment of applicants or employees based on any of these protected categories. It is Jobot’s policy to comply with all applicable federal, state and local laws respecting consideration of unemployment status in making hiring decisions.

Sometimes Jobot is required to perform background checks with your authorization. Jobot will consider qualified candidates with criminal histories in a manner consistent with any applicable federal, state, or local law regarding criminal backgrounds, including but not limited to the Los Angeles Fair Chance Initiative for Hiring and the San Francisco Fair Chance Ordinance.

Information collected and processed as part of your Jobot candidate profile, and any job applications, resumes, or other information you choose to submit is subject to Jobot’s Privacy Policy, as well as the Jobot California Worker Privacy Notice and Jobot Notice Regarding Automated Employment Decision Tools which are available at

By applying for this job, you agree to receive calls, AI-generated calls, text messages, or emails from Jobot, and/or its agents and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy here:

Application Security Engineer, Lead

BOOZ, ALLEN & HAMILTON, INC.

Fort Meade, MD, United States

The Opportunity:

A well-designed network is critical to move data and enable finan cia l institutions to achieve their missions, but how can an organization make sure their network will fit their evolving needs? Crafting the right network, with the right equipment and sof tware, requires a combination of technical skill and careful planning. That’s why we need you, an experienced network engineer who knows how to develop the exact network finan cia l institutions need.

As a Lead Application Security Engineer on our team, you’ll use your experience with implementing and integrating information systems, including routing and switching technologies. You’ll develop enterprise-wide infrastructure, troubleshoot and resolve complex network issues, analyze working infrastructures, and increase security, reliability, and availability for mission-critical network systems. Your knowledge of network protocols, equipment, emerging technology, and configurations will come in handy as you optimize client operations and modernization. Using your technical curiosity and knowledge of industry standards, you’ll make an impact on national security missions.

Join us. The world can’t wait.

You Have:

5+ years of experience implementing application security services such as macro-segmentation, micro-segmentation, application-aware firewalls, and Web Application Firewalls ( WAF )
5+ years of experience with next-generation firewalls, such as Palo Alto, or Cisco, or Fortninet, or Juniper, or Illumio
5+ years of experience with application delivery products, such as F5, Nginx, A10, or NetScaler
Experience leading cross-functional teams across various technologies and environments
Experience with DoD enterprise networks, such as defense infrastructure, including DMZ and application security
Secret clearance
HS diploma or GED

Nice If You Have:

Experience with Palo Alto Next-Generation Firewalls and Panorama
Experience with F5 BIG-IP Application Security Manager ( ASM ) and Advanced Web Application Firewall ( AWAF )
Experience securing enterprise web applications to be compliant with OWASP Top 10, CVSS, CWE, WASC, and SANS-25
Experience working with Infrastructure-as-Code ( IaC ) tools, including Terraform and deploying IaC with VS Code
Knowledge of Azure Cloud and AWS Cloud environments
Knowledge of federal compliance standards, including DoD STIG, NIST 800-53, FIPS, and DoD IL5 / 6

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information ; Secret clearance is required.

Compensation

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $77,600.00 to $176,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen’s total compensation package for employees. This posting will close within 90 days from the Posting Date.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.

If this position is listed as remote or hybrid, you’ll periodically work from a Booz Allen or client site facility.
If this position is listed as onsite, you’ll work with colleagues and clients in person, as needed for the specific role.

Commitment to Non-Discrimination

Senior Linux Systems Administrator

MANTECH seeks an experienced and passionate, career and customer-oriented Senior Linux Systems Administrator to join our diverse team in Hanover, MD. In this role, you will support our mission and contribute to a dynamic environment that values innovation and national security.

Responsibilities include, but are not limited to:

Provide comprehensive administration and support for multi-platform operating system environments
Design and implement automated security hardening solutions to enhance scalability and streamline operating system deployments
Configure and maintain host-based security and intrusion detection systems
Monitor system performance and investigate detected anomalies to ensure operational integrity
Develop and deploy automation scripts to manage server integration and reduce manual configuration errors
Analyze system and security logs to identify and respond to real-time events and provide status updates to leadership
Conduct regular audits to verify security compliance and identify potential vulnerabilities or configuration gaps
Participate in design and review meetings to provide technical insights, project goals, and status updates for management

Minimum Qualifications:

Bachelor’s degree in a technical field and 7+ years of relevant Systems Administration experience; or a High School Diploma/GED with 15+ years of relevant experience.
Extensive experience with Linux command line
Systems administration and troubleshooting experience
Experience utilizing Ansible or Terraform
Experience managing enterprise VMware and orchestration
Experience with Firewall administration and rules
Familiarity with scripting

Clearance Requirements:

Must have a current/active TS/SCI with Polygraph and be willing and able to obtain another polygraph prior to start

Physical Requirements:

Must be able to remain in a stationary position at least 50% of the time
Needs to occasionally move about inside the office to access file cabinets, office machinery, etc
Constantly operate a computer and other office productivity machinery, such as, the copy machine/fax machine/computer/printer

Senior Cloud Engineer

MANTECH seeks a motivated, career and customer-oriented Senior Cloud Engineer to join our team in Crane, IN. This is a hybridposition requiring 3 days onsite per week.

Join a critical contract supporting the Naval Surface Warfare Center (NSWC) Crane to deliver enterprise IT and cybersecurity services. In this hybrid role based in Crane, IN, you’ll lead the development of secure, scalable cloud solutions that integrate with DoD systems, directly contributing to our nation’s defense. You’ll work hands-on with cutting-edge cloud architectures in a fast-paced, high-impact environment.

Responsibilities include but are not limited to:

Lead the design, development, and implementation of cloud-based software solutions for the Naval Surface Warfare Center (NSWC) in Crane
Collaborate with talented software developers and engineers to create sophisticated cloud applications that integrate with DoD systems and technologies
Build strong client relationships to deeply understand their business challenges and goals
Provide technical support and training to clients and internal teams, conduct security and compliance audits of cloud systems, and stay informed about emerging trends and technologies
Collaborate with a team of cloud engineers to execute project tasks and responsibilities

Minimum Qualifications:

High School Diploma or Equivalent
7+ years of IT experience, including 3+ years of full-time professional experience establishing and administering enterprise solutions in Amazon AWS and/or Microsoft Azure cloud environments
Working knowledge of AWS and Azure services including EC2, ELB, Auto-Scaling, S3, IAM, VPC, RDS, CloudTrail, CloudWatch, Lambda, Elastic Cache, Cloud Formation
Must obtain one of the following certifications within 30 days of your start date: CISSP, CASP, or an equivalent DoD 8570.01 IAT-3 certification

Preferred Qualifications:

Experience in advanced application and mastery of IS, plans, and functions, including Experience in advanced application and mastery of IS, plans, and functions, including DevSecOps
Hands-on experience with Terraform, CDK, and Ansible automation tools

Clearance Requirements:

Must be a U.S. Citizen and can obtain and maintain an active Secret security Clearance.

Physical Requirements:

The person in this position must be able to remain in a stationary position 50% of the time.
Occasionally move about inside the office to access file cabinets, office machinery, or to communicate with co-workers, management, and customers, via email, phone, and or virtual communication, which may involve delivering presentation

Security Engineer and Firewall SME

BOOZ, ALLEN & HAMILTON, INC.

The Opportunity :

A well-designed network is critical to move data and enable the US government to achieve their mission, but how can an organization make sure their network will fit their current and evolving needs? Crafting the right network, with the right equipment and sof tware, requires a combination of technical skill and careful planning. That’s why we need you, a firewall engineer who knows how to craft the exact network DoD needs.

As a network engineer on our team, you’ll advise the DoD as they work on a reliable network to support DoD critical missions. You’ll lead a team assisting clients with learning the strategic goals and operational needs that shape the network requirements. You’ll then lead the planning of acqui sit ion, installation, configuration, and maintenance of the network and security components. From resolving interoperability issues across platforms, to supporting the acqui sit ion of hardware, you’ll put your hardware and sof tware talents to good use. This is your chance to support your team with growing their knowledge base within depth network security expertise while broadening the scope of your network engineering work. Join us as we help protect DoD critical missions.

Join us. The world can’t wait.

You Have:

6+ years of experience configuring, managing, and troubleshooting NGFW deployments, including Security Policies , App-ID, User-ID, Threat Prevention, or URL Filtering
Experience deploying and operating Prisma Access or SASE solutions, including SD-WAN integration, remote access, such as GlobalProtect, and cloud-delivered security services
Experience managing multi-device environments through Panorama, including device groups, templates, and policy push workflows
Knowledge of VPC architecture, Tran sit Gateway, AWS Network Firewall, Security Groups, NACLs, and deploying Palo Alto VM-Series or Cloud NGFW in AWS
Knowledge of BGP, OSPF, static routing, NAT, and IPsec / SSL VPN as they apply to firewall design
Ability to own firewall incidents end-to-end, including participating in on-call rotations, triaging network security events, and driving issues to resolution under pressure
Ability to diagnose connectivity and policy issues using packet captures, traffic logs, and CLI tooling across both physical and cloud-based firewalls.
Ability to mentor junior and mid-level engineers and take ownership of smaller scoped projects and workstreams
Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements
HS diploma or GED

Nice If You Have:

Experience deploying firewall configs or AWS networking resources via Terraform, Ansible, or CloudFormation.
Experience designing or operating a ZTNA model, including using Prisma Access or similar
Experience integrating security policy changes into a pipeline, such as PAN-OS XML API, Terraform provider, or Expedition tooling
Experience with Azure or GCP networking in addition to AWS
Experience with SIEM or monitoring, including forwarding PAN logs to Splunk, Cortex XSIAM, or similar and building alerting around firewall events
PCNSE, AWS Networking Spe cia lty or Security Spe cia lty certification

Vetting :

Applicants selected will be subject to a government investigation and may need to meet eligibility requirements of the U.S. government client .

Compensation

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $77,600.00 to $176,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen’s total compensation package for employees. This posting will close within 90 days from the Posting Date.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.

If this position is listed as remote or hybrid, you’ll periodically work from a Booz Allen or client site facility.
If this position is listed as onsite, you’ll work with colleagues and clients in person, as needed for the specific role.

Commitment to Non-Discrimination

Firewall Engineer, Lead

BOOZ, ALLEN & HAMILTON, INC.

The Opportunity:

A well-designed network is critical to move data and enable the U.S. government to achieve their mission, but how can an organization make sure their network will fit their current and evolving needs? Crafting the right network with the right equipment and sof tware requires a combination of technical skill and careful planning. That’s why we need you, a Firewall Engineer who knows how to craft the exact network DoD needs.

As a network engineer on our team, you’ll advise for the DoD as they work on a reliable network to support DoD critical missions. You’ll lead a team assisting clients with learning the strategic goals and operational needs that shape the network requirements. You’ll then lead the planning of acquisition, installation, configuration, and maintenance of the network and security components. From resolving interoperability issues across platforms, to supporting the acquisition of hardware, you’ll put your hardware and sof tware talents to good use. This is your chance to support your team with growing their knowledge base within depth network security expertise while broadening the scope of your network engineering work. Join us as we help protect DoD critical missions.

Join us. The world can’t wait.

You Have:

8+ years of experience with Palo Alto Networks PAN-OS, including NGFW, Panorama, and Prisma Access or SASE
Experience translating complex firewall and network security topics into clear written and verbal updates for non-technical stakeholders and leadership, including producing status reports, roadmaps, and risk summaries
Experience leading firewall incident response, including coordinating across teams, driving resolution, and c ond ucting post-incident reviews with clear remediation plans
Experience mentoring engineers, c ond ucting technical reviews, and raising the skill level of the team through documentation, knowledge sharing, and hands-on guidance
Experience establishing and enforcing firewall standards, policy review processes, and change management practices across an organization
Knowledge of AWS networking and security, including VPC architecture, Transit Gateway, VM-Series or Cloud NGFW deployments, and AWS security constructs, and designing and reviewing multi-account network topologies
Ability to manage a team’s work queue, coordinate across concurrent projects, track deliverables, and surface blockers early, including owning sprint planning or lightweight project tracking for a technical team
Ability to obtain and maintain a Public Trust or Suitability/Fitness determination based on client requirements
HS diploma or GED

Nice If You Have:

Experience with lightweight PM tools such as Jira, ServiceNow, or Confluence to manage roadmaps, track work, and communicate status
Experience working directly with Palo Alto Networks TAC, account teams, or professional services to escalate issues and align on roadmaps
Experience contributing to or driving a Zero T rus t or SASE transformation at an organizational level
Knowledge of Terraform or Ansible for firewall and AWS networking automation
Ability to review and guide IaC work, including even if not the primary author
PMP, PCNSE, AWS Networking, or Security Spe cia lty Certifications

Vetting:

Applicants selected will be subject to a government investigation and may need to meet eligibility requirements of the U.S. government client .

Compensation

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $99,000.00 to $225,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen’s total compensation package for employees. This posting will close within 90 days from the Posting Date.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.

If this position is listed as remote or hybrid, you’ll periodically work from a Booz Allen or client site facility.
If this position is listed as onsite, you’ll work with colleagues and clients in person, as needed for the specific role.

Commitment to Non-Discrimination

Platform Engineer

BOOZ, ALLEN & HAMILTON, INC.

The Opportunity:

Designs, implements, integrates, and maintains systems and tools to automate complex cyber activities. Applies specific functional knowledge and working and general industry knowledge. Develops or contributes to solutions to a variety of problems of moderate scope and complexity. Works independently with some guidance, and reviews or guides activities of junior employees.

You Have:

3+ years of experience administering Kubernetes clusters in production environments
E xperience with Helm charts, Kustomize, or Operators for deploying and managing applications on Kubernetes
Experience with GitOps workflows using tools such as ArgoCD, Flux, or GitLab CI / CD for infrastructure and application delivery
Experience with Elastic Cloud on Kubernetes (ECK) or deploying or managing stateful applications on Kubernetes
Experience building and maintaining CI / CD pipelines for infrastructure-as-code deployments
Experience with monitoring and observ ability to oling, such as Pro met heus or Grafana, for platform health and SLA dashboards
K nowledge of Linux systems administration and container troubleshooting, including logs, networking, and resource constraints
A bility to identify, prioritize, and remediate technical debt across platform environments, such as refactoring, dependency upgrades, and deprecated API migration, and work on- sit e at the designated location per program requirements
TS / SCI clearance
HS diploma or GED

Nice If You Have:

E xperience deploying and upgrading ECK Operators and managing Elasticsearch / Kibana custom resources in Kubernetes
Experience with Platform One Big Bang or Iron Bank hardened container workflows in a DoD environment
Experience with GitLab self-hosted administration, including runners, pipelines, merge request automation, and repo sit ory management
Experience automating dashboard generation or reporting such as Grafana-as-code, Kibana saved objects API, or scripted dashboard provisioning
Experience with multi-classification or air-gapped deployment patterns such as IL5 / IL6, artifact mirroring, and offline registries
Experience with Istio, Linkerd, or similar service mesh technologies for mTLS and traffic management
Experience in Terraform, Pulumi, or Crossplane for declarative infrastructure provisioning
Experience with DAST, SAST, or container scanning integrated into GitOps pipelines such as RMF or ATO compliance automation
Experience with Vault, SOPS, or sealed-secrets for secrets management in GitOps workflows
Experience running cost and resource optimization on Kubernetes, such as right-sizing, HPA / VPA tuning, and node pool strategy for stateful work load s like Elasticsearch

Clearance :

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information ; TS/SCI clearance is required.

Compensation

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $86,800.00 to $198,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen’s total compensation package for employees. This posting will close within 90 days from the Posting Date.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.

If this position is listed as remote or hybrid, you’ll periodically work from a Booz Allen or client site facility.
If this position is listed as onsite, you’ll work with colleagues and clients in person, as needed for the specific role.

Commitment to Non-Discrimination

Lead Cybersecurity WAF Engineer

The Lead Cybersecurity Web Application Firewall (WAF) Engineer is the enterprise’s foremost expert and strategic owner of WAF and application-edge security. This role sets the vision, strategy, and standards that govern how public-facing applications are protected across Cox Automotive.

The Lead Engineer drives the architecture of WAF implementations, leads complex threat response efforts, advances automation and logging capabilities, and partners with cross-functional engineering, cybersecurity, and business teams to ensure resilient, scalable, and modern WAF protections. Main responsibilities are tuning and improving security policies, implementing the WAF for new public websites based on established architecture patterns, and participating in security events to use the WAF as a protective and defensive measure against threat actors.

This role will use their technical knowledge in implementing and using a web application firewall as a protective and defensive cybersecurity control. They will use their experience with networking concepts such as DNS, HTTP/S, and edge services to route website traffic, understand how web applications and mobile applications are designed to use client-server communication, and must be able to partner with cross-functional teams throughout the organization.

This role will report directly to the Senior Manager of Application Security at Cox Automotive.

What You’ll Do:

Own and champion the enterprise WAF, shaping its strategy, patterns, and standards in partnership with the architecture team. We’re looking for someone who lives and breathes WAF and can elevate security for all public-facing sites and APIs.
Analyze WAF rules to identify improvements and explain recommended changes to improve the protections the WAF provides.
Collaborating with security architecture on long-term WAF strategy, including technology standards, architectural patterns, and security roadmaps.
Author and maintain runbooks, playbooks, and threat specific WAF tuning strategies. Lead the creation and continuous improvement of runbooks, playbooks, and automated detection/triggers.
Perform cyber engineering trend analysis and reporting, defining and recommending tool, infrastructure and other improvements.
Proposes and helps review plans and policies to improve the overall security environment.
Participate in security events and incident response (e.g., botnet traffic spikes, Layer 7 attacks) to identify gaps in current design and propose solutions to prevent threats from reoccurring.
Research and evaluate emerging security trends, threats, and technologies, and recommend appropriate solutions and enhancements.
Partnering closely with AppSec, Cyber Defense, and Engineering teams for secure-by-default adoption.

Who Are You:

Minimum Qualifications

Bachelor’s degree in a related discipline and 6 years’ experience in a related field. The right candidate could also have a different combination, such as a master’s degree and 4 years’ experience; a Ph.D. and 1 year of experience; or 18 years’ experience in a related field
At least 4 years focused on cybersecurity with at least 2 years managing enterprise WAF.
Demonstrated expert level experience architecting, implementing, and operating enterprise WAF solutions across multiple environments.
Must have deep knowledge of how network traffic routes between clients and servers across the internet (e.g., DNS, HTTP/S, CDN/edge routing).
Clearly articulate the objective of specific cybersecurity policies and procedures to technical and non-technical stakeholders.
Proven experience leading technical initiatives and mentoring engineering teams.
Excellent customer service skills, writing, and presentation skills.
Develop a strong and productive working environment with key stakeholders and collaborate closely with other Cox entities’ cybersecurity teams to implement cybersecurity best practices.
Consultative nature to work through controversial or complex topics to employees, leaders, and/or senior leadership.
Proficient in Python and Terraform.
Creatively solving complex cybersecurity challenges while exhibiting solid, pragmatic business acumen.
Experience utilizing Agile methodologies and DevSecOps.
Initiating change and deploying solutions in Fortune 1000 companies.
Knowledge of cybersecurity frameworks (e.g., ISO 27000, NIST, FFIEC) and industry relevant regulations that will guide architectural requirements (e.g., GDPR, FFIEC, GLBA).

Preferred Qualifications

Knowledge of current cybersecurity and technology architectures such as zero trust, IaaS, PaaS, SaaS, virtualization, and containerization.
A strong understanding of cloud containers and/or serverless platforms (e.g., EKS, ECS, Lambda, Fargate).
Experience with security testing tools such as Fortify, BurpSuite, and Wiz.
Extensive technology knowledge and recognized expertise in several areas including .NET framework, Mono, Spring frameworks, Oracle, serverless, cloud patterns, cloud service and user authentication or similar.
Experience with cloud infrastructure (AWS, GCP, or Azure) and services and on-premises infrastructure.
Experience in the development and design of cybersecurity standard methodologies to all layers of the hosting and application stack in both cloud and on-premises environments.
Knowledge of Identity and Access Management (IAM), cryptography / key management, secrets management, access controls and security protocols (e.g., multi-factor, SAML, OAuth, OIDC).
Experience with firewall, web application firewalls, and other edge services as well as deep understanding of DMZ and other network architectures.
AWS Well-Architected Framework.
Experience in national critical infrastructure industries (telecommunications, financial services, defense, government, etc.).
Big four consulting or Fortune 500 company experience.
Relevant industry certification (e.g., CISSP, CEH, OSCP, Azure, AWS, CISM, CISA).

USD 122,600.00 - 204,400.00 per year

Compensation:

Compensation includes a base salary of $122,600.00 - $204,400.00. The base salary may vary within the anticipated base pay range based on factors such as the ultimate location of the position and the selected candidate’s knowledge, skills, and abilities. Position may be eligible for additional compensation that may include an incentive program.

Benefits:

The Company offers eligible employees the flexibility to take as much vacation with pay as they deem consistent with their duties, the company’s needs, and its obligations; seven paid holidays throughout the calendar year; and up to 160 hours of paid wellness annually for their own wellness or that of family members. Employees are also eligible for additional paid time off in the form of bereavement leave, time off to vote, jury duty leave, volunteer time off, military leave, and parental leave.

Lead Application Security Engineer - 19562

The Lead Application Security Engineer will partner with Security Engineering Enablement and Security Architecture to design and ship secure software: secure code reviews and help define requirements on prerelease control validation (SAST/DAST/SCA, API security, Container/IaC scans). Drive fix-first coaching-turn findings into clear remediation guidance and code examples, to help teams remediate security findings.

The team is the Center of Excellence (COE) for Application Security, Web Application Firewalls and Cloud Security. In this capacity, the Lead AppSec Engineer can provide advice and guidance to teams in these areas to support the established standards and policies, in the form of Office Hours, Brown Bags or team consultation sessions.

Primary Responsibilities:

Operate, administer, and continuously improve our off the shelf AppSec and CloudSec tools (WAF infrastructure management, user onboarding, policy/config, integrations).
Triage and disposition vulnerabilities across SAST/DAST/SCA/API/IaC/CSPM sources; lead false positive reviews and suppression/exception workflows with strong audit trails.
Partner with Cloud Platform teams to harden AWS/Azure/GCP environments using CSPM/CNAPP controls, guardrails, and baselines; guide secure patterns for serverless, containers/Kubernetes, and secrets management.
Support system administration, configuration, and maintenance for the AppSec/CloudSec/WAF toolset (identity/roles, agent health, connectors, backups, upgrades, and DR testing).
Evaluate security tools on an ongoing basis, to ensure we are leveraging the best toolset that meets the enterprise’s needs
Serve as first-line triage for Responsible Disclosure submissions, reproduce issues, determine severity/impact, assign owners/SLAs, and track to closure.
Ensure consistent communications with Responsible Disclosure reporters and internal stakeholders and maintain accurate records for compliance.
Use scripting/automation (Python, PowerShell, Bash, REST APIs, Terraform modules, GitHub Actions/Azure DevOps/GitLab CI) for ad hoc fixes and to reduce toil (bulk policy changes, project provisioning, baseline exceptions, report consolidation).
Stakeholder for helping design Secure Pipelines to be implemented by the Security Engineering Enablement team

Minimum Qualifications:

Bachelor’s degree in a related discipline and 6 years’ experience in a related field. The right candidate could also have a different combination, such as a master’s degree and 4 years’ experience; a Ph.D. and 1 year of experience; or 18 years’ experience in a related field
2 years in Application / Product security or software engineering with a strong security focus.
Hands on depth with modern SDLC/DevSecOps in cloud-native environments: microservices, APIs, containers/Kubernetes, serverless, IaC (Terraform/CloudFormation/ARM/Bicep), and CI/CD integration.
Practical expertise operating and tuning SAST, DAST, SCA, API testing, IaC/container scanners, plus CNAPP for multi cloud.
Scripting/automation proficiency (Python preferred; PowerShell/Bash nice) and REST API integration skills; able to create quick utilities and pipeline jobs to reduce manual effort.
Strong knowledge of OWASP Top 10, ASVS, SAMM, NIST SSDF, CSA CCM, secure design patterns, cryptography fundamentals, authN/Z (OAuth2/OIDC/JWT), and common web/API vulns and mitigations.
Experience triaging responsible disclosure or bug bounty reports and driving coordinated remediation with product teams.
Excellent communicator who can simplify complex risk for engineers and leaders; bias to action and measurable outcomes.
Familiarity with software supply chain security (SBOMs, signing, provenance, dependency risk) and runtime protection (RASP, WAF/WL, EDR for containers).
Strong understanding of cloud architecture and infrastructure
Collaborate with AI agents to build, test, and deploy software across the SDLC, by using proper contextual inputs to improve AI understanding and output quality.
Implement AI-powered features and pipelines in our software
Contribute to prompt engineering experimentation and share tool usage insights.
Define coding standards, review practices, and ethical guidelines for AI use.
Mentor peers and coach junior team members on AI-augmented development.
Applicants must currently be authorized to work in the United States for any employer without current or future sponsorship. No OPT, CPT, STEM/OPT or visa sponsorship now or in future.

Preferred skills:

WAF engineering experience (policy design, tuning, false positive management, bot/rate limit controls, logging/observability, blue/green rollout).
Certifications (e.g., CISSP, CSSLP, GWAPT, GCSA, GCP/AWS/Azure security) are a plus.
Experience with API security (OWASP API Top 10), Proactive Threat Response, Responsible Disclosure workflows is a plus.

USD 122,600.00 - 204,400.00 per year

Compensation:

Benefits:

Senior AWS Pre-sales Solutions Architect (East) (RapidScale)

Cox Communications

New York, NY, United States

Job Description

Our Sales SA positions will require 25-35% travel to conferences, partner offices, and customer sites.

This role will support opportunities on the East coast.

At RapidScale, exceptional technology is powered by exceptional people. We deliver secure, reliable managed and advisory services across private, public, and hybrid clouds, helping organizations innovate, adapt, and grow. As an Elite Broadcom VMware VCSP Partner and top partner with AWS, Azure, and Google, our solutions focus on business outcomes with embedded cyber resiliency and AI to protect today and enable tomorrow backed by the strength of the Cox family of companies.

What does the Sales Solutions Architecture Team do?

Sales Solution Architects work in partnership with Solutions Specialists (Sales Representatives) and serve as their technical counterparts in all phases of the sales lifecycle. From evangelizing technologies to demonstrating our feature-rich Cloud Reliability Platform, our job is to help customers figure out and solve their cloud initiatives. We do this by taking a consultative approach in our discovery and assessment phases with the output being solutions that are built with reliability, performance, and security baked-in on top of our Managed Cloud Portfolio. As an integral part of the Solutions Architecture team, you will design systems that are purpose-built and well suited to their target infrastructure.

As an AWS Senior Solutions Architect, you will:

• Represent the technical expertise of RapidScale and act to position RapidScale as an agnostic trusted advisor to customers in the sales process

• Provide Pre-Sales technical support to the go-to-market team to drive revenue and cloud adoption

• Conduct full technical discovery and assessment workshops to identify pain points and gather business and technical requirements. This will include Well-Architected Reviews, Migration Readiness Assessments, Total Cost of Ownership (TCO) analysis, etc.

• Consult with prospects and architect solutions aligned with the identified customer requirements by leveraging the Well-Architected Framework methodology

• Produce cost and labor estimates and SOWs for potential projects

• Collaborate and participate in the creation of technical collateral, documentation, pitch and presentation materials (e.g. SOWs, HLDs, Decks, Reference Architectures)

• Provide technical training sessions and workshops for Sales and Go to Market staff

• Clearly document and communicate proposed architectures to implementation teams during and after the pre-sales cycle to validate and verify project success

• Interface with the Product team and provide feedback for improving product quality and capabilities by leveraging information gathered in field engagements

• Provide thought leadership by speaking at industry events such as trade shows, panels or marketing events as well as publishing blog posts, white papers and participating in case studies

What Technical Attributes We’re Looking for In You:

Relevant Industry-leading certification required: AWS Solutions Architect Professional

• Experience working in fast-paced sales environments

• Hands-on experience with AWS migrations, deployments, etc.

• Deep understanding of AWS with hands-on experience with migrations, deployments, etc.

• Functional knowledge of Microsoft Azure, Google Cloud, and traditional datacenter infrastructure

• Understanding of IaaS / PaaS / SaaS platforms; e.g. EC2, RDS, etc.

• Understanding of containerization & virtualization technologies; e.g Kubernetes, Docker, EKS, ECS, etc.

• Understanding IaC tools; e.g. Puppet, Ansible, CloudFormation, Terraform

• Understanding of different Disaster Recovery and data protection principles

• Understanding of PCI, HIPAA, GDPR regulatory compliance frameworks

• Understanding of Relational and Non-Relational Databases (MySQL, Oracle, MS SQL Server, NoSQL, etc.)

Minimum Qualifications:

A BA/BS Degree with 6+ years of experience, or a MS Degree with 4+ years of experience, or a Ph.D with one year of experience, or 10 years of overall experience without a degree
Professional Level Public Cloud Certification (AWS, Azure, Google)
Background and experience working in the context of a sales team
Strong presentation, written and verbal communication skills
Strong analytical problem-solving ability
High level of comfort communicating effectively across internal organizations
Ability to speak at public events in front of large audiences is a bonus
Fluency in English

USD 155,200.00 - 232,800.00

Compensation:

Compensation includes a base salary of $155,200.00 - $232,800.00. The salary rate may vary within the anticipated range based on factors such as the ultimate location of the position and the selected candidate’s experience. In addition to the salary range identified herein, this role is also eligible for an annual incentive/commission target of $52,800.00.

Benefits:

Applicants must currently be authorized to work in the United States for any employer without current or future sponsorship. No OPT, CPT, STEM/OPT or visa sponsorship now or in future.

Solutions Engineer

BOOZ, ALLEN & HAMILTON, INC.

Hanscom Afb, MA, United States

The Opportunity:

Everyone is trying to “harness the cloud”, but not everyone knows how. As an aspiring cloud computing infrastructure architect on our team, you’ll learn how to use cutting-edge enterprise cloud platforms to support your clients as they modernize their IT infrastructure and meet their most difficult missions. We’re looking for someone like you to help the environment of our warfighters.

You’ll closely collaborate with cloud architects and engineers spe cia lizing in Office 365, Azure, AWS, and GCP to design, define, develop, test, and debug cloud solution components. You’ll have the chance to grow your skills within a DevOps framework to develop and manage container apps and use products like Kubernetes to further the mission. With access to our internal Azure, AWS, and GCP labs, you’ll have the space and time to explore different ways of solving our clients’ challenges, and you’ll work with your team and stakeholders to deliver the right technical solutions. Whether helping to modernize legacy computing platforms and applications or learning to create new ones from scratch, you’ll have the latest tech and brightest teammates at your fingertips.

Grow your skills at the leading edge of innovation.

Join us. The world can’t wait.

You Have:

Experience with AWS GovCloud architecture and implementation, including networking, IAM, compute, and storage design and implementation ownership
Experience with enterprise virtualization and infrastructure architecture across geographically distributed environments, including degraded or disconnected network c ond itions, and data platform architecture at the design and implementation level such as data lakehouses, pipelines, and multi-tenant environments in classified or air-gapped contexts, including Databricks or Cloudera
Experience with SIEM platform architecture and deployment, including design, migration, or consolidation at enterprise-scale such as Elasticsearch or Splunk
Experience with DevOps and automation such as containerization, orchestration, infrastructure-as-code, and CI / CD pipeline design in classified or restricted environments, including Kubernetes, Terraform, or Ansible
Experience with AI / ML pipeline integration, including RAG workflows or LLM-backed tooling in production or near-production environments, used to extend engineering capability
Knowledge of IL4-IL5 classification controls, RMF, and ATO processes
Ability to rapidly evaluate and adopt emerging technologies, develop genuine working knowledge, lead a team through implementation, produce clear technical documentation, and communicate architectural decisions to both engineering teams and senior non-technical stakeholders
Ability to architect solutions under ambiguity and drive them through implementation alongside engineers, owning the outcome, not just the diagram
Secret clearance
Bachelor’s degree

Nice If You Have:

Experience with cloud-native AI / ML services in GovCloud environments such as AWS Bedrock, SageMaker, or equivalent
Experience at a large defense contractor or systems integrator with large-scale program execution, including from Booz Allen, SAIC, Leidos, GDIT, Peraton, or equivalent
Experience supporting DoD programs or installations
Experience with DoD mission systems or C2 platform integration across NIPR, SIPR, or coalition network environments
Experience with agentic AI frameworks, workflow automation platforms, or custom tooling development that meaningfully extend team or program capacity
Experience building team capability through documentation, mentorship, or structured knowledge transfer
Experience in a technical lead or principal-level role with accountability for both architecture and delivery outcomes
Experience on a Technology Tiger Team or rapid response technical unit, including parachuting into high-priority problems, delivering under compressed timelines, and moving on
Top Secret clearance
Professional or Spe cia lty AWS Certifications such as Solutions Architect Professional, Security Spe cia lty, or similar Certification

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information ; Secret clearance is required.

Compensation

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $55,300.00 to $126,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen’s total compensation package for employees. This posting will close within 90 days from the Posting Date.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.

If this position is listed as remote or hybrid, you’ll periodically work from a Booz Allen or client site facility.
If this position is listed as onsite, you’ll work with colleagues and clients in person, as needed for the specific role.

Commitment to Non-Discrimination

Solutions Architect

BOOZ, ALLEN & HAMILTON, INC.

Hanscom Afb, MA, United States

The Opportunity:

Everyone is trying to “harness the cloud”, but not everyone knows how. As a cloud computing infrastructure architect, you know how to take advantage of cloud capabilities. On our team of experienced professionals, you’ll use cutting-edge enterprise cloud platforms to support your clients as they modernize their IT infrastructure and meet their most challenging missions. We’re looking for someone like you to help enhance the environment for our warfighters.

You’ll closely collaborate with fellow cloud architects and engineers spe cia lizing in Office 365, Azure, AWS, and GCP to design, define, develop, test, and debug cloud solution components. You’ll have the chance to work within a DevOps framework to create and manage container apps and use products like Kubernetes to further the mission. With access to our internal Azure, AWS, and GCP labs, you’ll have the space and time to explore different ways of solving our clients’ problems, and partner with stakeholders and your team to deliver the right technical solutions. Whether modernizing legacy computing platforms and applications or creating new ones from scratch, you’ll have the latest tech and brightest teammates at your fingertips.

Grow your skills at the leading edge of innovation.

Join us. The world can’t wait.

You Have:

5+ years of experience with AWS GovCloud architecture and implementation, including networking, IAM, compute, and storage design and implementation ownership
Experience with enterprise virtualization and infrastructure architecture across geographically distributed environments, including degraded or disconnected network c ond itions, and data platform architecture at the design and implementation level such as data lakehouses, pipelines, and multi-tenant environments in classified or air-gapped contexts, including Databricks or Cloudera
Experience with SIEM platform architecture and deployment, including design, migration, or consolidation at enterprise-scale, including Elasticsearch or Splunk
Experience with DevOps and automation, including containerization, orchestration, infrastructure-as-code, and CI / CD pipeline design in classified or restricted environments such as Kubernetes, Terraform, or Ansible
Experience with AI / ML pipeline integration, including RAG workflows or LLM-backed tooling in production or near-production environments, used to extend engineering capability
Knowledge of IL4-IL5 classification controls, RMF, and ATO processes
Ability to rapidly evaluate and adopt emerging technologies, develop genuine working knowledge, lead a team through implementation, produce clear technical documentation, and communicate architectural decisions to both engineering teams and senior non-technical stakeholders
Ability to architect solutions under ambiguity and drive them through implementation alongside engineers, owning the outcome
Secret clearance
Bachelor’s degree

Nice If You Have:

Experience with cloud-native AI / ML services in GovCloud environments such as AWS Bedrock, SageMaker, or equivalent
Experience as a large defense contractor or systems integrator with large-scale program execution, including with Booz Allen, SAIC, Leidos, GDIT, Peraton, or equivalent
Experience supporting DoD programs or installations
Experience with DoD mission systems or C2 platform integration across NIPR, SIPR, or coalition network environments
Experience with agentic AI frameworks, workflow automation platforms, or custom tooling development that meaningfully extend team or program capacity
Experience building team capability through documentation, mentorship, or structured knowledge transfer
Experience in a technical lead or principal-level role with accountability for both architecture and delivery outcomes
Experience on a Technology Tiger Team or rapid response technical unit, including parachuting into high-priority problems, delivering under compressed timelines, and moving on
Top Secret clearance
Professional or Specialty AWS Certifications such as Solutions Architect Professional, Security Spe cia lty, or similar Certification

Clearance:

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information ; Secret clearance is required.

Compensation

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $86,900.00 to $198,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen’s total compensation package for employees. This posting will close within 90 days from the Posting Date.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.

If this position is listed as remote or hybrid, you’ll periodically work from a Booz Allen or client site facility.
If this position is listed as onsite, you’ll work with colleagues and clients in person, as needed for the specific role.

Commitment to Non-Discrimination

Solution Architect

BOOZ, ALLEN & HAMILTON, INC.

Hanscom Afb, MA, United States

The Opportunity:

Everyone is trying to “harness the cloud,” but not everyone knows how. As an experienced cloud computing infrastructure architect, you know how to take advantage of cloud capab ilities. Here, you’ll oversee our team of experienced professionals and use cutting-edge enterprise cloud platforms to guide your clients as they modernize their IT infrastructure and meet their most challenging missions. We’re looking for someone like you to help enhancing the environment for our warfighters.

You’ll collaborate closely with fellow cloud architects and engineers spe cia lizing in Office 365, Azure, AWS, GCP to design, define, develop, test, and debug cloud solution components. You’ll have the chance to broaden your experience within a DevOps framework to create and manage container apps and use products like Kubernetes to further the mission. With access to our internal Azure, AWS, and GCP labs, you’ll have the space and time to explore different ways of solving our clients’ problems, and you’ll partner with stakeholders and lead your team to deliver the right technical solutions. Whether modernizing legacy computing platforms and applications or creating new ones from scratch, you’ll have the latest tech and brightest teammates at your fingertips.

Grow your skills at the leading edge of innovation.

Join us. The world can’t wait.

You Have:

10+ years of experience with AWS GovCloud architecture and implementation including networking, IAM, compute, and storage
Experience with enterprise virtualization and infrastructure architecture across geographically distributed environments, including degraded or disconnected ( DDIL ) network c ond itions, and with Data platform architecture at the design and implementation level, including data lakehouses, pipelines, and multi-tenant environments in classified or air-gapped contexts, such as Databricks or Cloudera
Experience with SIEM platform architecture and deployment including design, migration, or consolidation at enterprise scale such as Elasticsearch or Splunk
Experience with DevOps and automation, including containerization, orchestration, infrastructure-as-code, and CI / CD pipeline design in classified or restricted environments, such as Kubernetes, Terraform, or Ansible
Experience with AI / ML pipeline integration including RAG workflows or LLM-backed tooling in production or near-production environments, including extending engineering capab ility not replacing it
Knowledge of IL4-IL5 classification controls, RMF, and ATO processes
Ability to rapidly evaluate and adopt emerging technologies, develop expertise , and lead a team through implementation, architect solutions under ambiguity, and drive them through implementation working hands-on alongside engineers
Ability to produce clear technical documentation and communicate architectural decisions to both engineering teams and senior non-technical stakeholders
Secret clearance
Bachelor’s degree

Nice If You Have:

Experience with cloud-native AI / ML services in GovCloud environments, such as AWS Bedrock, or SageMaker
Experience at a large defense contractor or systems integrator , including large-scale program execution
Experience in OCONUS supporting DoD programs or installations
Experience with DoD mission systems or C2 platform integration across NIPR, SIPR, or coalition network environments
Experience with agentic AI frameworks, workflow automation platforms, or custom tooling development that meaningfully extended team or program capacity
Experience building team capab ility through documentation, mentorship, or structured knowledge transfer
Experience in a technical lead or principal-level role with accountability for both architecture and delivery outcome
Experience on a Technology Tiger Team or rapid response technical unit, including parachuting into high-priority problems, delivering under compressed timelines, and moving on
AWS certifications such as Solutions Architect Professional or Security Spe cia lty certifications

Clearance :

Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information ; Secret clearance is required.

Compensation

Salary at Booz Allen is determined by various factors, including but not limited to location, the individual’s particular combination of education, knowledge, skills, competencies, and experience, as well as contract-specific affordability and organizational requirements. The projected compensation range for this position is $112,900.00 to $257,000.00 (annualized USD). The estimate displayed represents the typical salary range for this position and is just one component of Booz Allen’s total compensation package for employees. This posting will close within 90 days from the Posting Date.

Identity Statement

As part of the application process, you are expected to be on camera during interviews and assessments. We reserve the right to take your picture to verify your identity and prevent fraud.

Work Model
Our people-first culture prioritizes the benefits of flexibility and collaboration, whether that happens in person or remotely.

If this position is listed as remote or hybrid, you’ll periodically work from a Booz Allen or client site facility.
If this position is listed as onsite, you’ll work with colleagues and clients in person, as needed for the specific role.

Commitment to Non-Discrimination

Cybersecurity Automation Lead

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve - we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

Job Title

Lead Automation Engineer

Summary We are seeking a Lead Automation Engineer (P5) to design, deliver, and scale automation that powers our cybersecurity platforms and operations. You will own the automation strategy and execution across SIEM, SOAR, endpoint, vulnerability, and cloud-security workflows-eliminating manual toil, standardizing deployments, and embedding reliability into the way we operate.

Location note: this is a remote role within 50km of Mississagua Ontario or St Laurent Quebec, or Calgary, AB, or Vancouver, BC

What You’ll Do

Own the automation roadmap aligned to platform runbooks and quarterly objectives; prioritize high-value use cases that reduce manual effort and improve speed/quality.
Design, implement, and maintain Python-based playbooks, micro-services, and scripts for enrichment, decisioning, remediation, and evidence collection.
Deliver self-service capabilities (CLI/ChatOps/UI) that enable platform teams and SOC/IR to perform standardized actions safely and repeatedly.
Build robust API integrations between security tools and enterprise systems (e.g., SIEM/SOAR, endpoint, vulnerability scanners, ticketing/ServiceNow, CMDB, identity, cloud services).
Implement CI/CD workflows (GitHub Actions/Azure DevOps/GitLab CI), environment promotion, secrets management, and rollback safety for automation code.
Add observability to automation (structured logging, metrics, traces, alerts); track playbook success/failure, latency, and error budgets.
Act as technical lead for automation initiatives; mentor engineers on Python, integration patterns, and CI/CD.
Partner closely with SOC/IR, Platform Ops, Cloud/Infra, and GRC to align automation to operational, resilience, and compliance needs.

What You Bring

Expert-level Python (designing maintainable packages/services, async patterns where useful, testing, packaging, dependency management).
Practical experience building API integrations (REST/GraphQL), handling auth flows (OAuth2, JWT), and working with JSON/structured logs.
Demonstrated DevOps capability: CI/CD pipelines, artifact versioning, release orchestration, and basic container familiarity (Docker).
Hands-on with at least two security/platform domains (e.g., SIEM/SOAR, endpoint/EDR, vulnerability management, email/data security, cloud security).
Strong communication skills and a track record of shipping reliable automation that measurably improves operations.

Minimum Requirements

Degree or equivalent and typically requires 10+ years of relevant experience. Less years required if has relevant Master’s or Doctorate qualifications.

Preferable Skills & Experience

Experience with Terraform or Ansible for provisioning/configuration.
Familiarity with event-driven patterns (webhooks, message queues) and serverless runtimes.
Experience optimizing cost/throughput for data pipelines or security platform ingestion.
Comfort with basic front-end for internal self-service tools (e.g., lightweight UIs, ChatOps).

What Success Would Look Like

Toil reduction and time-to-complete improvements for automated workflows.
Playbook success rate, latency, and reduction in manual escalations.
Coverage of automation across priority platforms (e.g., % alerts triaged/enriched automatically, % standard changes automated).
Deployment reliability (pipeline success, rollback readiness, change-related incident reduction).
Quality and completeness of audit-ready evidence produced automatically by automation jobs.

Tools & Environment

Language: Python (primary)
DevOps: GitHub/GitHub Actions or Azure DevOps; container builds; secrets management (e.g., Key Vault/Secrets Manager)
Integrations: REST/GraphQL APIs, ServiceNow/CMDB, identity platforms, cloud provider SDKs
Security platforms: SIEM/SOAR (e.g., Splunk, Cortex XSIAM/XSOAR), EDR (e.g., SentinelOne/Defender), Vulnerability Mgmt (e.g., Rapid7/Tenable), Email/Data Security (e.g., MDO/Proofpoint)
Nice-to-have: Terraform/Ansible, message queues (Event Hub/Kafka/SQS), simple UI/ChatOps front-ends

Intitulé du poste

Ingénieur/e principal en automatisation

Résumé Nous recherchons un/e Ingénieur/e principal en automatisation (P5) pour concevoir, livrer et faire évoluer des automatisations qui alimentent nos plateformes et opérations de cybersécurité. Vous serez responsable de la stratégie et de l’exécution de l’automatisation à travers les flux SIEM, SOAR, endpoints, gestion des vulnérabilités et sécurité cloud - en éliminant les tâches manuelles, en standardisant les déploiements et en intégrant la fiabilité dans nos opérations.

Note:

Poste à distance, mais le candidat doit résider dans un rayon de 50 km de l’une des localisations suivantes : Mississauga, Ontario, Saint-Laurent, Québec, Calgary, Alberta, Vancouver, Colombie-Britannique

Ce que vous ferez

Définir et piloter la feuille de route d’automatisation alignée sur les runbooks des plateformes et les objectifs trimestriels ; prioriser les cas d’usage à forte valeur ajoutée qui réduisent l’effort manuel et améliorent la rapidité/la qualité.
Concevoir, implémenter et maintenir des playbooks, micro-services et scripts en Python pour l’enrichissement, la prise de décision, la remédiation et la collecte de preuves.
Fournir des capacités en libre-service (CLI/ChatOps/UI) permettant aux équipes plateformes et SOC/IR d’exécuter des actions standardisées de manière sûre et répétée.
Développer des intégrations API robustes entre les outils de sécurité et les systèmes d’entreprise (ex. SIEM/SOAR, endpoints, scanners de vulnérabilités, ServiceNow/tickets, CMDB, identité, services cloud).
Mettre en œuvre des workflows CI/CD (GitHub Actions/Azure DevOps/GitLab CI), la promotion des environnements, la gestion des secrets et la sécurité des rollback pour le code d’automatisation.
Ajouter de l’observabilité à l’automatisation (logs structurés, métriques, traces, alertes) ; suivre le succès/échec des playbooks, la latence et les budgets d’erreurs.
Agir en tant que leader technique pour les initiatives d’automatisation ; encadrer les ingénieurs sur Python, les modèles d’intégration et le CI/CD.
Collaborer étroitement avec SOC/IR, Ops plateformes, Cloud/Infra et GRC pour aligner l’automatisation sur les besoins opérationnels, de résilience et de conformité.

Ce que vous apportez

Expertise avancée en Python (conception de packages/services maintenables, modèles asynchrones, tests, packaging, gestion des dépendances).
Expérience pratique dans la création d’intégrations API (REST/GraphQL), la gestion des flux d’authentification (OAuth2, JWT) et la manipulation de JSON/logs structurés.
Compétences démontrées en DevOps : pipelines CI/CD, versioning des artefacts, orchestration des releases et familiarité avec les conteneurs (Docker).
Expérience pratique dans au moins deux domaines sécurité/plateformes (ex. SIEM/SOAR, endpoint/EDR, gestion des vulnérabilités, sécurité email/données, sécurité cloud).
Excellentes compétences en communication et historique de livraisons fiables d’automatisations améliorant les opérations de manière mesurable.

Exigences minimales Diplôme ou équivalent et généralement 10+ années d’expérience pertinente. Moins d’années requises si titulaire d’un Master ou Doctorat pertinent.

Compétences et expériences souhaitées

Expérience avec Terraform ou Ansible pour le provisioning/la configuration.
Familiarité avec les modèles événementiels (webhooks, files de messages) et les environnements serverless.
Expérience dans l’optimisation des coûts/débits pour les pipelines de données ou l’ingestion des plateformes de sécurité.
Aisance avec le développement front-end basique pour des outils internes en libre-service (ex. interfaces légères, ChatOps).

Indicateur de succès

Réduction des tâches manuelles et amélioration des délais d’exécution pour les workflows automatisés.
Taux de succès des playbooks, latence et réduction des escalades manuelles.
Couverture de l’automatisation sur les plateformes prioritaires (ex. % d’alertes triées/enrichies automatiquement, % de changements standard automatisés).
Fiabilité des déploiements (succès des pipelines, préparation des rollback, réduction des incidents liés aux changements).
Qualité et exhaustivité des preuves prêtes pour audit générées automatiquement par les jobs d’automatisation.

Outils et environnement

Langage : Python (principal)
DevOps : GitHub/GitHub Actions ou Azure DevOps ; builds de conteneurs ; gestion des secrets (ex . click apply for full job details

Network Orchestration Engineer

Johns Hopkins Applied Physics Laboratory (APL)

Laurel, MD, United States

In office

Mid - Senior

$100,000 - $245,000

+10

Description

Are you passionate about solving real-world network engineering challenges?

Do you want to perform advanced research, development, and test & evaluation of ground breaking communications systems and technologies?

If so, we want you to join our innovative team of engineers solving some of the most complex and evolving networking challenges.

We’re looking for a versatile Networking Orchestration Engineer who thrives in a mission-driven environment and is excited to contribute to the development of operational prototypes and specialized network capabilities.

As a Network Orchestration Engineer, you will…

Research and experiment with emerging networking technologies to implement real-world, practical communications systems and capabilities to address a variety of evolving operational needs.
Design, build, and orchestrate large scale virtualized networking environments using both on-prem and cloud services in order to implement threat-representative network environments tailored for unique missions.
Collaborate directly with sponsors and collaborators to understand their toughest networking challenges and craft effective solutions.

Qualifications

You meet the minimum qualifications for this position if you…

Have a Bachelor’s degree in Computer Science, Computer Engineering, Network Engineering, Information Systems, or a closely related technical field.
Have at least five years of relevant experience in advanced network engineering and software automation, including software-defined networking, cloud infrastructure, observability, and modern routing/virtualization technologies.
The ability to obtain an Interim Top Secret level security clearance by your start date and can ultimately obtain a Top Secret level clearance. If selected, you will be subject to a government security clearance investigation and must meet the requirements for access to classified information. Eligibility requirements include U.S. citizenship.

You’ll go above and beyond our minimum requirements if you…

Have the ability to be a creative networking guide who flourishes with solving tough, undefined problems by applying unique and innovative approaches.
Are able to design, build, and test practical, working solutions from the ground up using your deep knowledge and experience in:
- Building software solutions that enhance network orchestration, automate complex workflows, and provide deep insight through traffic analysis
- IP networking fundamentals (layers 2 and above)
- Linux networking (IP stack, routing, iptables, network namespaces, etc.)
- Hybrid Cloud infrastructure automation (Terraform, Packer)
- Configuration management and automation(Ansible, Puppet, Chef, Salt)
- Containers, and orchestration (Docker, Kubernetes)
- GitOps workflows and CI/CD pipelines (GitLab CI, Jenkins)
- Python or languages applied to network automation and tool development
- Software Defined Network (SDN) and/or Software Defined WAN (SD-WAN) technologies
- Network virtualization and overlay technologies (VXLAN, EVPN, MPLS, segment routing)
- Routing and switching protocols (BGP, OSPF, IS-IS, STP, etc.)
- Network telemetry and observability (NetFlow, SNMP, Prometheus, Grafana, ELK)
- Design and Integration of Network APIs and interfaces (NETCONF, RESTCONF, gRPC)
- Virtual networking and NFV concepts (vRouters, vSwitches, service chaining, CORE, GNS3)
- Network Traffic generation and analytics
Take initiative and thrive in a collaborative, problem-solving environment.
Are passionate about national security, networking innovation, and making a real-world mission impact.

#LI-AG1

About Us

Why Work at APL?

The Johns Hopkins University Applied Physics Laboratory (APL) brings world-class expertise to our nation’s most critical defense, security, space and science challenges. While we are dedicated to solving complex challenges and pioneering new technologies, what makes us truly outstanding is our culture. We offer a vibrant, welcoming atmosphere where you can bring your authentic self to work, continue to grow, and build strong connections with inspiring teammates.

At APL, we celebrate our differences of perspectives and encourage creativity and bold, new ideas. Our employees enjoy generous benefits, including a robust education assistance program, unparalleled retirement contributions, and a healthy work/life balance. APL’s campus is located in the Baltimore-Washington metro area. Learn more about our career opportunities at http://www.jhuapl.edu/careers.

All qualified applicants will receive consideration for employment without regard to race, creed, color, religion, sex, gender identity or expression, sexual orientation, national origin, age, physical or mental disability, genetic information, veteran status, occupation, marital or familial status, political opinion, personal appearance, or any other characteristic protected by applicable law. APL is committed to providing reasonable accommodation to individuals of all abilities, including those with disabilities. If you require a reasonable accommodation to participate in any part of the hiring process, please contact Accommodations@jhuapl.edu.

The referenced pay range is based on JHU APL’s good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level with consideration for internal parity. For salaried employees scheduled to work less than 40 hours per week, annual salary will be prorated based on the number of hours worked. APL may offer bonuses or other forms of compensation per internal policy and/or contractual designation. Additional compensation may be provided in the form of a sign-on bonus, relocation benefits, locality allowance or discretionary payments for exceptional performance. APL provides eligible staff with a comprehensive benefits package including retirement plans, paid time off, medical, dental, vision, life insurance, short-term disability, long-term disability, flexible spending accounts, education assistance, and training and development. Applications are accepted on a rolling basis.

Minimum Rate

$100,000 Annually

Maximum Rate

$245,000 Annually

Page 1 of 2

Frequently asked questions

You can find a wide range of Terraform-related roles including DevOps Engineer, Cloud Infrastructure Engineer, Site Reliability Engineer (SRE), and Cloud Automation Specialist positions across various industries.

Our job listings cover all experience levels, from entry-level roles requiring basic knowledge of Terraform to senior positions requiring extensive hands-on experience with infrastructure as code and cloud environments.

Most Terraform jobs involve working with popular cloud platforms such as AWS, Microsoft Azure, Google Cloud Platform (GCP), and sometimes multi-cloud environments.

While not always mandatory, certifications like HashiCorp Certified: Terraform Associate or cloud provider certifications (AWS, Azure, GCP) can significantly boost your chances and demonstrate your proficiency.

Building a strong portfolio of Terraform projects, contributing to open-source infrastructure code, getting certified, and staying updated on cloud technologies will help you stand out to recruiters and employers.