Senior DevOps Engineer
Raft · Waikiki, Hawaii, United States · 1 wk ago
On-siteEngineering$160k–$200k/yrFull-time
About the role
Raft builds mission-critical data, AI, and operational platforms that process high-volume sensor, operational, and mission data across multiple classification levels. These platforms must run reliably in cloud-hosted, classified on-premises, disconnected, and edge environments where security, repeatability, and customer trust are non-negotiable.
Responsibilities
- Design, implement, and continuously improve secure Kubernetes platform patterns for cloud, on-premises, disconnected, classified, and edge deployments
- Own CI/CD and GitOps delivery architecture using GitHub Workflows, GitLab CI, Argo CD, Flux, Helm, Kustomize, and repository-managed configuration across multiple environments and classification levels
- Lead DevSecOps practices including secure baselines, container hardening, SBOM generation, image signing, vulnerability management, dependency risk reduction, admission policy, secrets hygiene, and compliance-aware deployment gates
- Develop and maintain Infrastructure as Code with Terraform, Ansible, Helm, and supporting automation to make platform provisioning, upgrades, rollback, and environment promotion repeatable
- Partner with software, data, and ML engineers to understand service architecture, pipeline behavior, model-serving requirements, runtime dependencies, and production failure modes
- Support and optimize data-intensive and MLOps workloads using technologies such as Kafka, Flink, Pinot, KServe, Kubeflow, Ray, GPU-enabled nodes, and model-serving pipelines
- Build and refine observability patterns using Prometheus, Grafana, Fluent Bit, Loki, Kibana, OpenTelemetry, Jaeger, Tempo, and alerting workflows that help teams diagnose issues quickly
- Debug complex Kubernetes, Helm, service mesh, Istio, networking, storage, identity, and runtime issues across multi-cluster and multi-environment topologies
- Automate compliance evidence and improve deployment practices aligned with RMF, STIGs, FedRAMP, NIST 800-53, IL4/IL5/IL6, and customer-specific security controls
- Write clean, maintainable automation and platform tooling in Go, Java, Python, Bash, or similar languages to reduce toil and improve developer experience
- Mentor junior engineers, establish repeatable engineering practices, review technical designs, and raise the quality bar for secure platform delivery
- Engage directly with customers and operational stakeholders in Hawaii to support deployments, resolve incidents, explain technical tradeoffs, and convert field lessons into durable platform improvements
Qualifications
- 6+ years of hands-on experience in DevSecOps, platform engineering, DevOps, cloud infrastructure, security engineering, or a closely related role
- 5+ years of production experience with Linux, containers, Docker, Kubernetes, and Kubernetes-based application delivery
- Deep experience building and operating CI/CD and GitOps workflows, preferably with GitLab CI, Argo CD, Flux, Helm, and environment promotion across regulated delivery pipelines
- Strong Kubernetes troubleshooting skills across workloads, controllers, networking, storage, RBAC, admission control, runtime configuration, and cluster health
- Hands-on experience applying software supply chain security practices such as SBOMs, SCA, SAST, DAST, vulnerability scanning, image signing, provenance, policy-as-code, and secure artifact promotion
- Experience with Terraform and Ansible or similar IaC and configuration management tooling for repeatable cloud and on-premises infrastructure delivery
- Strong understanding of security and compliance practices in regulated or government environments, including RMF, STIGs, NIST 800-53, FedRAMP, and IL4/IL5/IL6 considerations
- Experience designing observability patterns and operating production monitoring, logging, alerting, and tracing systems
- Ability to read, reason about, and contribute to application code in Go, Java, Python, or similar languages when deployment, reliability, or security requires it
- Experience supporting data platforms, streaming pipelines, or MLOps workloads; familiarity with Kafka, Flink, Pinot, KServe, Kubeflow, Ray, or GPU-enabled workloads is strongly valued
- Strong technical judgment, written communication, mentoring ability, and customer-facing confidence in high-pressure operational environments
- Active Secret clearance required; must be eligible for and willing to obtain a Top Secret/SCI clearance
- Ability to obtain Security+ certification within the first 90 days of employment
- Must be willing to work onsite in Oahu; candidates must live in or be willing to relocate to Hawaii
- Ability to travel up to 25%