Cloud Engineer (On-Prem)
Shift5 is seeking a Cloud Engineer (On-Prem) to join our growing team. The primary focus of this role is building and maintaining a hybrid computing infrastructure in support of the Research organization. You will maintain an intranet composed of on-prem servers and AWS services, spec out and procure hardware, install and configure core infrastructure, and manage enclaves with hardware-in-the-loop (HIL) labs. Managing enclaves will involve utilizing and developing automation solutions for site deployments with tools like Ansible and software development for middleware to integrate services and automate tasks. Additionally, you will be responsible for supporting remote users utilizing Tailscale for VPN access and accounts managed with SSO. The secure enclaves you design, implement and manage provide the Research organization’s tools to engage the cyber threats faced by today's operations technology (OT) platforms like planes, trains, and tanks.
Your teammates will consist of Software Reverse Engineers, Product Security Engineers, Cyber Threat Intelligence Analysts, and Cyber Threat Engineers. The team focuses on a wide range of research on defending critical national infrastructure, weapons platforms, and logistics. This position reports directly to the Senior Director of Platform Security.
Shift5 is a rapidly growing data and cybersecurity scale-up. We specialize in capturing and analyzing serial bus data in real time, providing anomaly detection and operational intelligence required to act. Our insights provide real-time alerting and historical trends to assure mission readiness and cyber survivability, and our innovative technology enables military systems to deter adversaries, protect warfighters, and maintain their competitive edge. We are a collaborative, passionate and driven cadre of cyber security experts. Our engineers are multidisciplinary, and our team is dynamic. We’re a growing company focused on helping our customer’s fleets run smarter and safer by capitalizing on mountains of data resting right about the wheels. Come join us.
Research environments include:
- Self-hosted and cloud computing environments.
- On-premise servers & network equipment.
- Remotely accessible enclaves for various research projects.
- Remotely accessible hardware-in-the-loop (HIL) labs.
- Intranet where FOSS and commercial web services are hosted.
- In-house developed middleware and services that automate a wide range of infrastructure tasks.
In this role, you will be expected to:
- Develop automation tools to enhance existing infrastructure.
- Provide basic administration services to a small team of expert technologists.
- Ansible role, playbook, and plugin development.
- Explore and evaluate best-fit software solutions to support the team.
- Build and deploy Docker images for various services.
- Run sites that are delivered over Tailscale VPN.
- Develop and maintain middleware written in Go, Python, or other preferred languages.
- Manage Gitlab-EE and Gitlab-Runners.
- Build CI/CD pipelines, preferably with Gitlab-CI.
- Build new and unique infrastructure solutions for Cyber Threat Engineers & Analysts, Reverse Engineers, and Product Security Engineers.
- Utilize various AWS services, such as Secrets Manager, EC2, Security Groups, Load Balancers, and more.
- Maintain documentation for operating and troubleshooting the on-prem infrastructure.
We're looking for someone who is/has:
- Strong ability to utilize linux systems from the command line.
- Ability to write and utilize Ansible playbooks, roles, and plugins.
- Ability to write bash scripts.
- Ability to configure network firewalls to establish VLANs and manage other basic network security aspects.
- Ability to configure network equipment such as routers, switches, and firewalls.
- Possess strong software development proficiency with Python for the purpose of maintaining and troubleshooting internally developed software.
- Basic experience operating web services such as Gitlab-EE, Traefik, Youtrack.
- Experience or ability to learn Proxmox along with virtualization technologies like KVM/Qemu.
- Ability to build, deploy, and troubleshoot software running within Docker containers.
- Ability to configure computer hardware such as rackmount servers, Single-Board Computers (SBCs), and IoT devices.
- Some familiarity with computer security requirements and standards such as SOC2 and CMMC.
- Ability to utilize Kibana and create visualizations for monitoring purposes.
- Ability to use git, specifically Gitlab, for configuration management.
- Ability to deploy virtual machines with VMWare vSphere.
- Familiarity with authentication technologies like OpenIDConnect, SAML, or LDAP.
- US Citizenship.
- Be able to obtain or hold a US Government Security Clearance.
Compensation & Benefits:
- Competitive salary and stock options in a fast-growing startup
- Employer-paid medical, dental and vision coverage for employees and their families
- Health Savings Account with annual employer contributions
- 401k with employer contributions
- Employer-paid Life Insurance
- Uncapped paid time off policy
- Flexible work & remote work policy
- Tax-deferred public transit benefits with Metro SmartBenefits (DC/MD/VA)
We are committed to building an inclusive culture of belonging that embraces the diversity of our people and represents the communities in which we work and the customers we serve. We know the happiest and highest-performing teams include people with diverse perspectives and ways of solving problems. Therefore, we strive to attract and retain talent from all backgrounds and create workplaces where everyone feels empowered to bring their whole, authentic selves to work.
Shift5 is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sexual orientation, gender identity, national origin, disability, age, marital status, ancestry, protected veteran status, or any other protected group or class.