This is a U.S. based position. All of the programs we support require U.S. citizenship to be eligible for employment. All work must be conducted within the continental U.S.About the role: Raft builds mission-critical data, AI, and operational platforms that support time-sensitive decisions across multiple classification levels and deployment environments. Our systems move from cloud-hosted development environments into classified, on-premises, and edge deployments where reliability, security, and repeatability matter.
As an Associate DevOps Engineer, you will help secure, deploy, and operate the platforms behind [R]DP, [R]AP, [R]AIMS, and Raft's MLOps workflows. This is not a narrow infrastructure role. You will learn how the software works, how data moves through the platform, how Kubernetes workloads behave in production, and how security controls become part of everyday delivery rather than an after-the-fact checklist.
What makes this role different is the breadth of what you'll be exposed to. CI/CD, GitOps, Kubernetes, Helm charts, observability, secure configuration, data pipelines, ML serving, and customer deployments all show up in the same workstream. You will work alongside experienced platform, software, data, and security engineers while taking ownership of well-scoped work. The right person is curious, disciplined, willing to troubleshoot deeply, and ready to grow into broader platform ownership over time.
What You'll Do- Implement, maintain, and troubleshoot Kubernetes-based platform infrastructure under the guidance of senior engineers
- Build and maintain CI/CD and GitOps workflows using tools such as GitLab CI, Argo CD, Flux, Helm, and repository-managed deployment configuration
- Support secure software delivery practices including container hardening, vulnerability scanning, image provenance checks, secrets hygiene, and policy-driven deployment gates
- Help operate cloud, on-premises, and disconnected deployments across AWS, Azure, data center, and tactical environments
- Deploy and debug services, Helm charts, service mesh configuration, Kubernetes networking, storage, and runtime behavior
- Support observability across Prometheus, Grafana, Fluent Bit, Loki, Kibana, OpenTelemetry, or similar tooling so issues can be detected and resolved quickly
- Work with software and data engineers to understand service dependencies, data flows, and operational failure modes
- Support data and MLOps workloads that may include Kafka, Flink, Pinot, KServe, Kubeflow, Ray, GPU-enabled workloads, and model-serving workflows
- Write maintainable automation and small tools in Go, Java, Python, Bash, or similar languages to reduce manual effort and improve repeatability
- Contribute to compliance-driven delivery practices aligned with RMF, STIGs, NIST 800-53, IL4/IL5/IL6, and customer-specific security requirements
- Document operational procedures, deployment notes, troubleshooting steps, and lessons learned in a way other engineers can reuse
What we are looking for: - 1 to 3 years of hands-on experience in DevSecOps, DevOps, platform engineering, cloud infrastructure, systems administration, cybersecurity engineering, or a closely related role
- Working familiarity with Linux, containers, Docker, and Kubernetes concepts, including pods, services, deployments, config maps, secrets, ingress, and basic troubleshooting
- Experience building, running, or supporting CI/CD pipelines; exposure to GitLab CI, GitHub Actions, Jenkins, Argo CD, Flux, or similar tools
- Exposure to Infrastructure as Code or configuration management with Terraform, Ansible, Helm, Kustomize, or similar tooling
- Understanding of foundational security practices such as least privilege, vulnerability management, container image scanning, secrets handling, secure configuration, and auditability
- Ability to read application logs, inspect runtime configuration, use command-line tooling, and follow evidence to root cause
- Basic scripting or programming ability in Go, Java, Python, Bash, or a comparable language
- Interest in data platforms, streaming systems, MLOps, and operational AI/ML workloads; prior exposure to Kafka, Flink, KServe, Kubeflow, or Ray is a plus
- Strong written communication and willingness to document work clearly for teammates, customers, and future operators
- Active Secret clearance required; must be eligible for and willing to obtain a Top Secret/SCI clearance
- Ability to obtain Security+ certification within the first 90 days of employment
- Ability to travel up to 30%
Highly preferred:- Hands-on experience deploying applications with Helm or Kustomize in a Kubernetes environment
- Exposure to GitOps workflows and continuous delivery across multiple environments
- Familiarity with AWS or Azure fundamentals including IAM, networking, storage, compute, and managed Kubernetes services
- Exposure to service mesh technologies such as Istio, including mTLS, traffic routing, and observability concepts
- Familiarity with security and compliance frameworks used in government delivery, including RMF, STIGs, FedRAMP, NIST 800-53, and IL4/IL5/IL6 controls
- Experience supporting air-gapped, disconnected, classified, or resource-constrained deployments
- Exposure to SBOMs, SCA, SAST, DAST, container scanning, admission control, OPA/Gatekeeper, Kyverno, Sigstore, or similar supply chain security tooling
- Existing TS/SCI clearance strongly preferred
What Success Looks Like- You reliably execute assigned deployment, automation, observability, and security tasks with clear communication and good follow-through
- You can explain what changed, why it changed, how it was verified, and what risk remains
- You grow quickly from following runbooks to improving them, then to owning small platform improvements end to end
- Senior engineers trust you with well-defined operational work because you investigate carefully and escalate the right issues early
- Security and compliance practices show up in your daily work: pipelines, manifests, secrets, images, documentation, and operational handoffs are kept clean
Clearance Requirements:- Active Secret Clearance Required; TS/SCI eligibility required
Salary Range: $120,000.00 - $160,000.00Work Type:- Hybrid with up to 30% travel
What we will offer you: - Highly competitive salary
- Fully covered healthcare, dental, and vision coverage
- 401(k) and company match
- Take as you need PTO + 11 paid holidays
- Education & training benefits
- Generous Referral Bonuses
- And More!
