Principal DevOps Engineer
Center for Internet Security
full-time
Posted on:
Location Type: Remote
Location: Remote • 🇺🇸 United States
Visit company websiteSalary
💰 $126,700 - $221,700 per year
Job Level
Lead
Tech Stack
AWSCloudEC2GrafanaKubernetesPrometheusTerraform
About the role
- Architect and implement secure, production-grade EKS clusters using infrastructure-as-code (IaC) and GitOps principles
- Integrate and configure open-source tools including ArgoCD (GitOps), Kyverno (policy enforcement), Karpenter (autoscaling), and the Grafana stack (monitoring and observability)
- Ensure security best practices are applied across all infrastructure components, including IAM, network policies, secrets management, and container runtime configurations
- Design and enforce Kubernetes security policies, RBAC, and network segmentation using tools like Kyverno and AWS-native controls
- Collaborate with Product and Platform teams to ensure infrastructure meets performance, reliability, and compliance requirements
- Build and maintain CI/CD pipelines with embedded security checks, vulnerability scanning, and policy validation
- Develop reusable Terraform modules and Helm charts that enforce secure defaults and compliance standards
- Monitor and troubleshoot production workloads, ensuring high availability, performance, and security posture
- Participate in an on-call rotation to support production systems and respond to incidents
- Advocate for DevSecOps principles and mentor engineers on secure cloud-native tooling and automation
- Evaluate emerging technologies and make strategic recommendations to leadership, with a focus on security and operational excellence
- Document architecture decisions, operational runbooks, and incident response procedures with a security-first mindset
- Other tasks and responsibilities as assigned
Requirements
- Bachelor’s degree in Computer Science, Engineering, or related field*
- 8+ years of experience in DevOps, site reliability engineering, or cloud infrastructure roles
- Deep expertise with Kubernetes (preferably EKS) in production environments
- Hands-on experience with ArgoCD, Karpenter, Prometheus, Grafana, Loki, and Tempo
- Proficiency in Terraform and Helm for infrastructure and application deployment
- Strong understanding of GitOps workflows and CI/CD pipeline design
- Experience with AWS services including IAM, VPC, EC2, S3, and CloudWatch
- Solid grasp of container security, Kubernetes RBAC, and policy-as-code (PaC)
- Excellent troubleshooting skills across infrastructure, networking, and application layers
- Strong communication skills and ability to work effectively with remote teams
- Must be authorized to work in the United States
- * Additional years of relevant experience or a combination of an Associate’s degree or equivalent and relevant experience may be substituted for the Bachelor’s degree.
Benefits
- Health (PPO, EPO, HSA), Dental & Vision Insurance eligibility starting from the first day of hire
- $500 wellness card for Health Coverage Participants
- 401(k) with 4% Company Match, vested from the first day of hire
- Flexible Spending Account (FSA) & Dependent Care Account (DCA)
- Life Insurance
- Bonding Leave
- Paid Volunteering Program
- Bonus eligibility
- Paid Time Off (PTO) inclusive of vacation, personal and sick time
- Paid Holidays
- Wellness Program
- Employee Engagement Activities
- Professional Development Opportunities
- Tuition Reimbursement
- Student Loan PayDown Program
- Employee Referral program
- Employee Assistance Program
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
KubernetesEKSTerraformHelmGitOpsCI/CDcontainer securitypolicy-as-codetroubleshootingvulnerability scanning
Soft skills
communicationcollaborationmentoringtroubleshootingadvocacy