Senior Site Reliability Engineer - Government Cloud

Tines is a company founded in 2018 that powers important workflows through its intelligent workflow platform. They are seeking a Senior Site Reliability Engineer to build and operate the AWS GovCloud environment for federal customers, ensuring its reliability and compliance while enabling product engineers to integrate features seamlessly.

Responsibilities:

• Building and operating the AWS GovCloud environment that will host Tines for federal customers — from foundational network architecture through to production-ready, assessment-ready infrastructure
• Designing and implementing repeatable infrastructure-as-code to provision dedicated customer environments
• Owning the container image pipeline for our government deployment — building, hardening, scanning, and promoting FIPS-compliant images through our CI/CD pipeline using AWS native tooling
• Identifying and fixing availability risks and monitoring gaps to ensure our government environments stay healthy, observable, and auditable
• Working closely with our assessment partners to produce the infrastructure documentation, architecture diagrams, and evidence needed for FedRAMP authorization — and being the person who can walk an assessor through every design decision
• Enabling product engineers to build new features that work seamlessly across our commercial and government environments: observability, logging, and simplifying deployments
• Defining how we separate compliance-restricted functions from day-to-day engineering operations so the team can ship code and respond to incidents without breaking the security boundary
• Supporting our self-hosted federal customers operating in our CMMC environment, including handling escalations and complex, long-running support cases as part of the team's on-call responsibilities
• Designing the infrastructure-as-code library for GovCloud customer provisioning — a repeatable process to stand up an isolated environment with all required AWS services pre-configured with FedRAMP-required encryption and logging
• Building the CI/CD pipeline that promotes container images from development through staging to GovCloud production, with vulnerability scanning gates and change control documentation baked into the workflow
• Creating operational runbooks for customer provisioning, incident response, patching, and disaster recovery that satisfy our assessment requirements
• Setting up monitoring dashboards and alarms that feed into a Tines tenant for automated incident triage — using our own product to operate our government infrastructure
• Building IAM structures and permission boundaries that let engineers deploy and debug in production while maintaining least-privilege access required for compliance
• Monitoring, scaling, and operating data services like OpenSearch in production — managing indexes and retention, tuning for performance, and building in-product tooling that surfaces cluster health and observability to the team
• Collaborating with our Product and Design teams to enable compliance-specific product features like smart card authentication and DNS security extensions
• Writing documentation that helps the broader engineering team understand how to build and test features in a compliance-regulated environment

Requirements:

• 5+ years in an infrastructure, DevOps, or cloud engineering role with meaningful time spent in AWS
• Hands-on experience designing VPC architectures, configuring encryption at rest and in transit, and operating AWS native compute, database, and caching services in production under real workloads
• Experience with infrastructure-as-code like CDK or Terraform in FedRAMP or CMMC environments, preferably supporting a customer-facing SaaS product
• Understanding of what it takes to operate in a compliance-regulated environment
• Comfortable with container image pipelines and hardening
• Good instincts for the boundary between 'locked down for compliance' and 'usable by engineering.'
• Ability to write clearly, producing tech plans, runbooks, and operational documentation
• Broad knowledge across the tech stack, with comfort in learning new technologies