Senior Platform Engineer - Kubernetes Focus – Fully Cleared
Aurora, CO or Meridian, CO (Location is at program discretion)
Applications for this job posting will be accepted on an ongoing basis.
ICR has opportunities available for fully cleared, experienced, and motivated Senior Platform/DevOps Engineers. Successful candidates will be strong engineers who can prioritize well, communicate clearly, and have a consistent track record of delivering secure, resilient, and automated infrastructure in classified environments. You will serve as the technical authority for our Kubernetes platforms, bridging the gap between development velocity and rigorous security compliance.
ICR is an employee-owned company that is proud to offer a comprehensive benefits package designed to meet the needs of our employees and their families. In addition to the industry's most competitive salaries, we offer each employee equity in their company, a generous retirement plan, company-paid health care benefits, and a flexible paid time off policy.
ESSENTIAL DUTIES AND RESPONSIBILITIES
- Architect, administer, and harden production-grade Kubernetes clusters, ensuring high availability, security compliance (CIS/STIG), and operational resilience in classified environments.
- Design and implement secure CI/CD pipelines that integrate automated security scanning (SAST/DAST/Image Scanning), policy enforcement, and seamless deployment strategies.
- Manage Container Network Interfaces (CNI) and cluster networking, troubleshooting complex connectivity issues, configuring Network Policies, and optimizing traffic flow for distributed systems.
- Develop and maintain Infrastructure as Code (IaC) using tools such as Terraform, Ansible, and Helm to ensure consistent, auditable, and repeatable infrastructure deployments.
- Lead incident response and troubleshooting for control plane and worker node issues, utilizing deep diagnostic skills to resolve root causes without service disruption.
- Implement DevSecOps best practices, including secrets management, pod security admission controls, runtime security monitoring, and continuous compliance auditing.
- Collaborate with software development teams to optimize application performance, resource utilization, and deployment patterns within the Kubernetes ecosystem.
- Document and communicate highly technical architectural decisions, operational procedures, and security postures effectively to both technical teams and non-technical stakeholders.
- Mentor junior engineers and drive continuous improvement in platform reliability, automation coverage, and security posture.
REQUIRED SKILLS AND QUALIFICATIONS
- Active Top Secret Security Clearance with SSBI and SCI eligibility - US Citizenship Required
- Bachelor's degree in Computer Science, Computer Engineering, Electrical Engineering, or related field with a minimum of seven (7) years of relevant experience.
- Expert-level proficiency in Kubernetes administration, including control plane components (etcd, API server, scheduler), worker node management, and upgrade strategies.
- Deep understanding of Container Networking (CNI) plugins, including troubleshooting, BGP peering, and Network Policy enforcement.
- Proven experience designing and maintaining CI/CD pipelines (Jenkins, GitLab CI, or similar) with integrated security gates and automated testing.
- Strong proficiency in Infrastructure as Code (IaC) tools such as Terraform, Ansible, and Helm.
- Demonstrated experience implementing security hardening measures (CIS Benchmarks, Pod Security Standards, RBAC, OPA/Gatekeeper, etc) in production environments.
- Proficiency in scripting languages for automation and tooling development.
- Exceptional analytical and problem-solving skills with a methodical approach to troubleshooting complex distributed system failures.
- High level of self-initiative and self-motivation with the ability to work under minimal supervision in a fast-paced, high-stakes environment.
PREFERRED SKILLS AND QUALIFICATIONS
- Experience operating in air-gapped or disconnected environments and managing offline package repositories/registries.
- Proficiency with Rancher, Nexus, Harbor, or similar enterprise container management and registry tools.
- Experience with eBPF-based technologies for advanced networking and security observability.
- Familiarity with Chaos Engineering principles and tools to validate system resilience.
- Experience with Secrets Management solutions.
- Knowledge of monitoring and observability stacks (Prometheus, Grafana, etc.) tailored for Kubernetes.
- Background in DevSecOps, including integrating static/dynamic analysis and vulnerability management into the SDLC.
- Experience supporting US Government/DoD programs and familiarity with RMF, ATO processes, and CDRL deliverables.
- Strong RHEL IPA skills including troubleshooting and implementing resolutions via Ansible deployed architectures.
- Strong ansible skills; ability to troubleshoot, reverse engineer and resolve issues within complex structures within air-gapped deployments.
Salary Range: $138,000 - $236,000 (based on experience and qualifications)
This position offers a comprehensive benefits package that includes company equity, retirement plan, company-paid health care benefits, and flexible paid time off policy, in addition to opportunities for a raise and bonus during the year.
ICR, Inc. considers several factors when extending job offers, including but not limited to candidates' key skills, relevant work and/or military experience, education, training, certifications, and work location.
ICR is proud to be an equal opportunity employer and considers qualified applicants for employment without regard to race, color, creed, religion, national origin, sex, sexual orientation, gender identity and expression, age, disability, veteran status, or any other protected factor.