Note: The job is a remote job and is open to candidates in USA. Bladestack.io is seeking a hands-on, automation-obsessed Senior Site Reliability Engineer to build and operate FedRAMP-authorized cloud environments across Azure, AWS, and GCP. This role focuses on the execution and upkeep of compliance-driven infrastructure while collaborating with security analysts to resolve incidents and minimize service interruptions.
Responsibilities
- Execute the build, configuration, and ongoing maintenance of FedRAMP boundary environments across Azure (preferred), AWS, and GCP, ensuring high availability, performance, and reliability
- Define, provision, and manage infrastructure using Terraform as the primary IaC tool
- Design and maintain hardened, golden machine images using HashiCorp Packer, aligned to CIS Benchmarks and DISA STIGs
- Administer and maintain RHEL 8/9 (priority) and Windows Server systems in cloud-only environments, including patching, configuration, and lifecycle management
- Automate and optimize patch management
- Track, remediate, and report vulnerabilities within strict FedRAMP SLAs
- Operate continuous monitoring and logging stacks, managing alerts and pipelines to ensure proactive system health
- Participate in a shared on-call rotation for production FedRAMP environments, responding to availability, performance, and security incidents within defined SLA windows
- Build, test, and maintain secure baseline images and configurations compliant with CIS Benchmarks and DISA STIGs
- Implement automated compliance monitoring and remediation guardrails using cloud-native and third-party tooling (e.g., AWS Config, Security Hub, Azure Policy, OpenSCAP, Cloud Custodian)
- Ensure systems align with FedRAMP, NIST 800-53, CMMC, and RMF requirements — understanding why we secure things, not just how
- Automate the collection of evidence for audits, writing scripts and tooling that demonstrate security posture and reduce manual effort
- Write and maintain robust scripts (Bash, Python, Go) to automate provisioning, auditing, monitoring, and reporting tasks
- Integrate compliance checks, container scanning, and security guardrails into CI/CD pipelines (GitHub Actions, GitLab CI, Azure DevOps, or equivalent)
- Collaborate with the Engineering Manager, lead engineers, and security analysts to deliver and operate environments; provide technical guidance to junior team members as needed
Skills
- U.S. Person Status: Must be a U.S. Person (U.S. citizen, national, or lawful permanent resident)
- Experience: 5+ years engineering and operating cloud infrastructure in enterprise or compliance-driven environments
- Cloud Certification: An active cloud certification is required — Azure (e.g., AZ-104 / AZ-305) strongly preferred; equivalent AWS or GCP certifications are also valued
- Infrastructure as Code: Strong, demonstrable proficiency with Terraform, including module design and remote state management
- Linux Administration: Deep hands-on experience administering RHEL 8/9 (priority) and other Linux distributions in cloud environments
- Windows Administration: Working proficiency administering Windows Server in enterprise/cloud environments
- Automation: Proven scripting expertise (Python, Bash) and configuration management experience (Ansible or equivalent)
- Compliance Knowledge: Working knowledge of NIST 800-53, FedRAMP, or DoD SRG/STIGs
- FedRAMP Audit Experience: Direct experience supporting a FedRAMP authorization or having been through a 3PAO assessment is highly desirable
- Image Automation: Hands-on experience with HashiCorp Packer for golden image pipelines
- Containerization: Experience managing and securing containerized workloads (Kubernetes/EKS/AKS/GKE, Docker)
- Additional Certifications: RHCE, HashiCorp Terraform Associate, CKA, or AWS/GCP/Azure specialty certifications
- Advanced Tooling: Familiarity with compliance-as-code tools (Chef InSpec, OpenSCAP, Osquery) and vulnerability scanners (Nessus/Tenable, Rapid7)
- Clearance: Active Secret or Top Secret clearance (or eligibility) is a plus
Benefits
- Bladestack.io pays 100% of employee and dependent medical, vision, and dental coverage.
- Competitive 401k matching.
- Unlimited PTO and 14 paid holidays.
- Tuition reimbursement and paid certifications. We want you to stay sharp.
- Work with the best and brightest in the field. We value work-life balance and professional growth equally.
Company Overview