We are seeking a Senior Infrastructure Engineer with a deep specialization in Security Design to lead the evolution of our cloud-native ecosystem. In this role, you will be responsible for architecting, building, and maintaining highly available AWS infrastructure while ensuring that security is not an afterthought, but a core component of the design. You will bridge the gap between systems engineering and cyber defense, building resilient platforms that are "secure by design."

Key Responsibilities

• Infrastructure Security Architecture: Lead the design and implementation of secure AWS infrastructure, ensuring VPC patterns, peering, and transit gateways follow strict security segmentation.
• Kubernetes Platform Engineering: Architect and manage production-grade EKS clusters using Docker and Kubernetes, implementing advanced security controls including OPA/Gatekeeper and workload identity.
• CI/CD Automation: Design and maintain secure automation pipelines using GitHub Actions, ensuring security checks are integrated into the deployment lifecycle.
• Automated Security Infrastructure: Build and maintain central identity and access systems using Keycloak, integrating OIDC/OAuth and LDAP across the enterprise.
• Security as Code: Develop modular, reusable Terraform templates and YAML configurations that incorporate automated compliance checks and security best practices.
• Data & Secret Protection: Manage and secure Postgres DB instances, including encryption strategies and secret management workflows (AWS KMS) to ensure zero-trust data handling.
• Defensive Automation: Develop custom Python-based tooling to automate infrastructure audits, remediation of drift, and security response workflows.

Must-Have Qualifications

• 10+ years in Infrastructure or Systems Engineering with a proven track record of designing secure large-scale environments.
• Expert-level mastery of AWS, Kubernetes, and Docker.
• Mandatory proficiency in Python for infrastructure automation and security tool development.
• Hands-on experience building and managing pipelines with GitHub Actions.
• Expert-level Terraform experience and mastery of YAML for configuration management.
• Practical experience designing and deploying Keycloak and OIDC/OAuth protocols.
• Experience managing and securing Postgres relational databases.

Nice to Have

• Alternative Tools: Experience with Jenkins, Azure DevOps (ADO), or Ruby scripting.
• Shell Scripting: Proficiency in Bash or Shell for system-level maintenance.
• Certifications: AWS Certified Solutions Architect or AWS Certified Security - Specialty.
• Regulatory Knowledge: Experience designing for compliance frameworks such as SOC2, ISO 27001, or NIST.