Senior Cloud Infrastructure Engineer

ROLE OVERVIEW

Aquia is looking for a Senior Cloud Infrastructure Engineer to join a high-performing engineering team supporting a strategic Federal agency. In this role, you will be a key technical leader and "force multiplier," responsible for writing production-grade infrastructure, managing robust CI/CD pipelines, and serving as a security-focused partner to engineering teams. You will work in a cloud-first (AWS) environment, bringing a security-first mindset to everything you build and review. 

KEY RESPONSIBILITIES

Infrastructure & IaC

• Author, review, and maintain reusable Terraform modules for standardized cloud infrastructure provisioning on AWS. 
• Enforce IaC best practices including state management, module versioning, and least-privilege IAM design
• Conduct Terraform code reviews and mentor mid-level engineers on infrastructure patterns

CI/CD Pipeline Management

• Design, build, and maintain Jenkins pipelines for automated build, test, and deployment workflows
• Standardize rootless container build workflows to ensure secure, daemonless image creation within CI/CD pipelines.
• Continuously improve pipeline reliability, performance, and security gate coverage

Go Development

• Write and deploy Go services and tooling within CI/CD pipelines and cloud environments
• Maintain code quality through idiomatic Go patterns, unit testing, and peer review

Python Application Development

• Own ongoing development and maintenance of two Python applications, including bug fixes, feature work, and dependency management
• Ensure applications meet security and compliance requirements appropriate for the federal environment

Observability & Log Management

• Oversee the configuration and deployment of log aggregation tools to support monitoring and data fidelity. 
• Collaborate with security and operations teams to ensure log completeness and data fidelity

Containerization

• Build and maintain Docker images and container workflows across development and production environments
• Advocate for container security best practices, ensuring images are built and stored using secure, daemonless methods. 

Security Partnership & Advisory

• Serve as a security point of contact (POC) for other engineering teams, providing guidance on vulnerability management, patching strategy, and remediation
• Review code and infrastructure changes through a security lens and drive adoption of secure-by-design practices
• Assist teams in triaging findings, prioritizing remediation efforts, and meeting compliance-driven patch SLAs

REQUIRED QUALIFICATIONS

• 7+ years of professional software engineering experience, with at least 3 years in a cloud or federal IT environment
• Proficiency in Terraform: authoring and reviewing modules, remote state management, and CI-integrated plan/apply workflows
• Hands-on Jenkins experience: pipeline-as-code (Declarative or Scripted), shared libraries, and multi-stage pipelines
• Strong Go development experience, including deployment within automated pipeline environments
• Strong Python skills with demonstrated ownership of maintained applications
• Docker experience: image authoring, multi-stage builds, and container security fundamentals
• Experience with r daemonless container build tools
• Solid AWS knowledge across core services (EC2, S3, IAM, VPC, ECS/EKS, Lambda, etc.)
• Security-minded approach to engineering: comfortable with vulnerability triage, patching workflows, and cross-team security advisory
• Ability to obtain a U.S. federal Public Trust clearance (can be completed at hire; U.S. citizenship or permanent residency required)

PREFERRED QUALIFICATIONS

• Experience working with federal agency environments
• Familiarity with FedRAMP, FISMA, or NIST 800-53 control frameworks
• Experience with Zero Trust Architecture principles and implementation
• AWS certifications (e.g., Solutions Architect, DevOps Engineer, Security Specialty) or Security certifications (e.g., CISSP, CISM, vendor-specific certifications)
• Comfort working in highly regulated, compliance-driven environments