Senior Systems Engineer II
Spectraforce
US
Remote
2 hours ago
Job Description
Title: Senior Systems Engineer II
Location: Remote
Duration: 6 Months
Note:
*This position supports a U.S. government contract that requires U.S. citizenship
*This position also requires the chosen contract worker to achieve Public Trust security clearance.
Job Summary
We’re looking for a Senior Systems Engineer II to design, automate, and operate secure, reliable infrastructure at scale. You’ll lead with Infrastructure as Code (IaC)—primarily Terraform—and orchestrate delivery using Ansible and platforms like Spacelift. You’ll champion platform security (secrets management, RBAC), CI/CD (GitHub Actions, Azure DevOps), and configuration/data hygiene (CMDB), while documenting processes that raise the bar for the whole engineering org.
Experience: 5+ years in Systems/Platform/SRE roles
What you’ll do
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 75.00/hr.
Location: Remote
Duration: 6 Months
Note:
*This position supports a U.S. government contract that requires U.S. citizenship
*This position also requires the chosen contract worker to achieve Public Trust security clearance.
Job Summary
We’re looking for a Senior Systems Engineer II to design, automate, and operate secure, reliable infrastructure at scale. You’ll lead with Infrastructure as Code (IaC)—primarily Terraform—and orchestrate delivery using Ansible and platforms like Spacelift. You’ll champion platform security (secrets management, RBAC), CI/CD (GitHub Actions, Azure DevOps), and configuration/data hygiene (CMDB), while documenting processes that raise the bar for the whole engineering org.
Experience: 5+ years in Systems/Platform/SRE roles
What you’ll do
- Design & build IaC: Own Terraform modules, state management, and environment baselines; implement policy-as-code and drift detection (e.g., with Spacelift).
- Automate operations: Use Ansible for golden image builds, patching, and configuration orchestration across Linux/Windows fleets.
- Secure the platform: Integrate and operate secrets managers (e.g., Azure Key Vault, HashiCorp Vault); implement least-privilege RBAC across cloud and tooling.
- Own CI/CD workflows: Design, maintain, and troubleshoot pipelines in GitHub Actions and Azure DevOps (multi-stage, approvals, artifact/versioning).
- Reliability & observability: Contribute to SLIs/SLOs, logging/metrics/alerting, capacity planning, and performance tuning.
- CMDB stewardship: Keep services and dependencies accurate in the CMDB; drive discovery, metadata quality, and change traceability.
- Governance & change: Participate in change control (CAB), incident response, and post-incident reviews; implement corrective actions via code.
- Documentation & enablement: Produce clear runbooks, diagrams, and “how-to” guides; mentor engineers on IaC, security, and operational best practice.
- Continuous improvement: Identify toil and remove it with automation; propose roadmap items that improve reliability, security, and developer velocity.
- 5+ years in systems engineering, platform engineering, DevOps, or SRE roles.
- Terraform at scale (modules, workspaces, remote state, policies, reviews).
- IaC tooling: Ansible (roles/playbooks) and Spacelift (or similar IaC orchestration).
- Secrets management: Azure Key Vault, HashiCorp Vault, or equivalent; key rotation and secret scanning practices.
- CI/CD: GitHub Actions and Azure DevOps (pipelines, runners/agents, approvals, environment protections).
- RBAC: Designing and enforcing least-privilege access across cloud, repos, pipelines, and platforms.
- CMDB usage and data quality practices (service ownership, relationships, change traceability).
- Strong scripting (PowerShell and/or Python or Bash) and version control (Git, trunk-based or GitFlow).
- Linux / Unix experience in addition to Windows Servers and Endpoints.
- Excellent documentation—able to translate complex systems into simple, repeatable procedures.
- Azure (preferred) and/or multi-cloud experience; networking fundamentals (VNet/VPC, DNS, VPN, WAF, load balancers).
- Policy-as-code (OPA/Conftest/Sentinel), artifact registries, SBOM, and supply-chain security.
- Observability stacks (Azure Monitor, Prometheus/Grafana, ELK) and incident management.
- Containers and orchestration (Docker, AKS/Kubernetes) and image hardening.
- Experience working within ISO 27001 / SOC 2 / NCSC guidance or similar UK/EU frameworks.
- 90–95% of infrastructure defined and managed via Terraform with reviewed modules.
- Mean time to deploy and change failure rate improved via robust pipelines in GitHub Actions/Azure DevOps.
- Secrets posture improved (no hard-coded secrets, rotation policy implemented).
- RBAC standardised with least-privilege roles and periodic access reviews.
- CMDB accuracy and service ownership ? 90%, with automated discovery/enrichment.
- High-quality runbooks and diagrams enabling faster onboarding and incident response.
Applicant Notices & Disclaimers
- For information on benefits, equal opportunity employment, and location-specific applicant notices, click here
At SPECTRAFORCE, we are committed to maintaining a workplace that ensures fair compensation and wage transparency in adherence with all applicable state and local laws. This position’s starting pay is: $ 75.00/hr.