HERE is a company that provides an enterprise-grade browser designed for regulated industries. They are seeking a Government focused DevOps Engineer to manage CI/CD pipeline engineering and cloud operations, ensuring infrastructure compliance with federal standards while supporting public sector clients.
Responsibilities:
- Build, maintain, and optimize CI/CD pipelines for multi-platform builds (Windows, macOS, Linux)
- Work with YAML configurations, pipeline stages, artifacts, and deployment workflows
- Integrate security and vulnerability scanning tools directly into the CI/CD pipeline to support automated compliance validations (DevSecOps)
- Help maintain and improve AWS infrastructure including ECS/Fargate deployments, RDS databases, Route53 DNS, VPC networking, and IAM policies
- Support multi-tenant, multi-region, and highly isolated or public-sector specific cloud architectures (e.g., AWS GovCloud deployments)
- Work with Docker containers, ECS task definitions, and ECR registries
- Deploy and manage containerized Node.js applications in production environments
- Assist in the implementation of hardened container base-images aligned with federal or highly-regulated industry security benchmarks
- Help manage release processes including version promotion, release channels (canary, beta, stable), and automated deployment to staging and production environments
- Support PostgreSQL on AWS RDS—backups, SSH tunneling through bastion hosts, read-only user management, and database configuration for multi-tenant environments
- Write and maintain automation scripts in Bash, PowerShell, Python, and Node.js
- Build tools to improve infrastructure reliability and developer experience
- Help maintain web-based DevOps tools built with Express.js, React, and TypeScript—tools for cloud settings management, tenant provisioning, and deployment monitoring
Requirements:
- 2 to 4 years of experience with GitLab CI/CD: Experience with GitLab CI/CD pipelines—YAML configuration, stages, jobs, artifacts, rules, dependencies
- Understanding of CI/CD best practices and pipeline optimization
- Production level experience with core AWS services—EC2, ECS/Fargate, RDS, Route53, VPC, IAM, Secrets Manager, CloudWatch. Comfortable navigating the AWS Console and CLI
- Solid scripting skills in Bash (Linux) and PowerShell (Windows). Ability to write maintainable automation scripts for both platforms
- Hands-on Docker experience—building images, writing Dockerfiles, docker-compose, understanding container networking, and working with ECS/ECR
- Experience with build tools and package managers—npm/Node.js, .NET/NuGet, Python packaging. Understanding of dependency management and build artifacts
- Strong Git fundamentals—branching strategies, merge requests, tagging. Experience with GitHub (or GitLab) workflows and code review practices
- Comfortable in both Linux/Unix & Windows environments—SSH, file permissions, package managers, systemd, PowerShell. Understanding of cross-platform operational challenges
- Comfortable reading and writing JavaScript/Node.js code. Experience with npm, package.json, and basic Express.js applications for tooling
- Functional knowledge of federal compliance frameworks like FedRAMP, NIST SP 800-53, DISA STIGs, or DoD Cloud SRG (IL4-IL6)
- U.S. citizenship is mandatory; holding an active Secret clearance is preferred, or the ability to obtain one as required
- Ability to function effectively under stringent change control processes, regular auditing, and detailed documentation standards
- Kubernetes experience (EKS, GKE, AKS) or willingness to learn, we're migrating from ECS to K8s
- Multi-cloud experience (Azure, GCP) or cloud-agnostic architecture knowledge
- GitLab Runner administration and configuration
- AWS CDK or CloudFormation for Infrastructure as Code
- Terraform for multi-cloud infrastructure management
- TypeScript development experience
- PostgreSQL database administration and optimization
- .NET build systems and NuGet package management
- React or frontend framework experience
- Airflow or workflow orchestration tools
- Helm charts and Kubernetes manifest management
- Familiarity with FIPS 140-2/3 cryptographic compliance standards
- Hands-on experience with GitHub Actions administration and environment scaling
- Exposure to enterprise secret management tools like HashiCorp Vault or CyberArk
- Direct support of ATO (Authority to Operate) processes and eMASS documentation