Senior DevOps Engineer

Who we are:

Raft (https://TeamRaft.com) is a customer-obsessed non-traditional defense tech company dedicated to empowering U.S. military and government agencies with cutting-edge AI/ML and data solutions. We are a leader in autonomous data fusion and Agentic AI, with a purposeful focus on Distributed Data Systems, Platforms at Scale, and Complex Application Development. With headquarters in McLean, VA, our range of clients includes innovative federal and public agencies leveraging design thinking, cutting-edge tech stack, and cloud-native ecosystem. We build digital solutions that impact the lives of millions of Americans.

About the role:

Raft builds mission-critical data, AI, and operational platforms that process high-volume sensor, operational, and mission data across multiple classification levels. These platforms must run reliably in cloud-hosted, classified on-premises, disconnected, and edge environments where security, repeatability, and customer trust are non-negotiable.

As a Senior DevOps Engineer, you will own the secure delivery patterns behind [R]DP, [R]AP, [R]AIMS, and Raft’s MLOps deployments. You will design and harden Kubernetes-based platform architecture, improve GitOps and CI/CD workflows, automate compliance evidence, mentor engineers, and work directly with software, data, ML, security, and customer teams to keep mission systems deployable and trustworthy.

This role requires more than infrastructure fluency. You should be comfortable reading application code, understanding data pipelines, debugging distributed systems, navigating regulated delivery constraints, and making pragmatic tradeoffs between security, delivery speed, operability, and mission urgency. You will shape the golden paths that teams use to deliver secure mission software: Helm and GitOps patterns, hardened runtime configuration, supply chain controls, observability, compliance automation, ML serving, and deployment practices across cloud and classified environments.

• Design, implement, and continuously improve secure Kubernetes platform patterns for cloud, on-premises, disconnected, classified, and edge deployments
• Own CI/CD and GitOps delivery architecture using GitHub Workflows, GitLab CI, Argo CD, Flux, Helm, Kustomize, and repository-managed configuration across multiple environments and classification levels
• Lead DevSecOps practices including secure baselines, container hardening, SBOM generation, image signing, vulnerability management, dependency risk reduction, admission policy, secrets hygiene, and compliance-aware deployment gates
• Develop and maintain Infrastructure as Code with Terraform, Ansible, Helm, and supporting automation to make platform provisioning, upgrades, rollback, and environment promotion repeatable
• Partner with software, data, and ML engineers to understand service architecture, pipeline behavior, model-serving requirements, runtime dependencies, and production failure modes
• Support and optimize data-intensive and MLOps workloads using technologies such as Kafka, Flink, Pinot, KServe, Kubeflow, Ray, GPU-enabled nodes, and model-serving pipelines
• Build and refine observability patterns using Prometheus, Grafana, Fluent Bit, Loki, Kibana, OpenTelemetry, Jaeger, Tempo, and alerting workflows that help teams diagnose issues quickly
• Debug complex Kubernetes, Helm, service mesh, Istio, networking, storage, identity, and runtime issues across multi-cluster and multi-environment topologies
• Automate compliance evidence and improve deployment practices aligned with RMF, STIGs, FedRAMP, NIST 800-53, IL4/IL5/IL6, and customer-specific security controls
• Write clean, maintainable automation and platform tooling in Go, Java, Python, Bash, or similar languages to reduce toil and improve developer experience
• Mentor junior engineers, establish repeatable engineering practices, review technical designs, and raise the quality bar for secure platform delivery
• Engage directly with customers and operational stakeholders in Hawaii to support deployments, resolve incidents, explain technical tradeoffs, and convert field lessons into durable platform improvements

What we are looking for: 

• 6+ years of hands-on experience in DevSecOps, platform engineering, DevOps, cloud infrastructure, security engineering, or a closely related role
• 5+ years of production experience with Linux, containers, Docker, Kubernetes, and Kubernetes-based application delivery
• Deep experience building and operating CI/CD and GitOps workflows, preferably with GitLab CI, Argo CD, Flux, Helm, and environment promotion across regulated delivery pipelines
• Strong Kubernetes troubleshooting skills across workloads, controllers, networking, storage, RBAC, admission control, runtime configuration, and cluster health
• Hands-on experience applying software supply chain security practices such as SBOMs, SCA, SAST, DAST, vulnerability scanning, image signing, provenance, policy-as-code, and secure artifact promotion
• Experience with Terraform and Ansible or similar IaC and configuration management tooling for repeatable cloud and on-premises infrastructure delivery
• Strong understanding of security and compliance practices in regulated or government environments, including RMF, STIGs, NIST 800-53, FedRAMP, and IL4/IL5/IL6 considerations
• Experience designing observability patterns and operating production monitoring, logging, alerting, and tracing systems
• Ability to read, reason about, and contribute to application code in Go, Java, Python, or similar languages when deployment, reliability, or security requires it
• Experience supporting data platforms, streaming pipelines, or MLOps workloads; familiarity with Kafka, Flink, Pinot, KServe, Kubeflow, Ray, or GPU-enabled workloads is strongly valued
• Strong technical judgment, written communication, mentoring ability, and customer-facing confidence in high-pressure operational environments
• Active Secret clearance required; must be eligible for and willing to obtain a Top Secret/SCI clearance
• Ability to obtain Security+ certification within the first 90 days of employment
• Must be willing to work onsite in Oahu; candidates must live in or be willing to relocate to Hawaii
• Ability to travel up to 25%

Highly preferred:

• Experience owning secure platform patterns for multi-classification, air-gapped, disconnected, or classified environments
• Hands-on experience with Istio or another service mesh, including mTLS, authorization policy, traffic management, ingress/egress controls, and observability integration
• Experience with OPA/Gatekeeper, Kyverno, Sigstore, Cosign, SLSA-aligned practices, Trivy, Grype, Anchore, Twistlock/Prisma, or comparable security tooling
• Experience with platform reliability practices such as incident response, SLOs, error budgets, capacity planning, disaster recovery, and operational readiness reviews
• Background with AWS and/or Azure infrastructure, plus experience designing internal developer platforms, shared Helm libraries, environment templates, or self-service deployment workflows
• Experience supporting GPU-enabled Kubernetes workloads, model-serving platforms, data pipelines, or mission AI/ML workflows
• Prior experience supporting Pacific Command, PACAF, or Indo-Pacific joint force programs
• Existing TS/SCI clearance strongly preferred

• Raft’s platform deployments in Hawaii are secure, reliable, repeatable, observable, and supportable across cloud, on-premises, classified, and disconnected environments
• Engineering teams move faster because the delivery paths, Helm patterns, security gates, and operational runbooks are clear, durable, and actively maintained
• Security and compliance posture is continuously maintained through automation, evidence, reviewable configuration, and well-understood ownership
• When production issues occur, you can trace the system from source to runtime, separate facts from assumptions, and drive the team toward root cause and durable remediation
• Junior engineers grow under your mentorship, and customer feedback becomes repo-managed improvement rather than one-off fixes or tribal knowledge

Clearance Requirements:

• Active Secret clearance required to start; TS/SCI eligibility required

Salary Range: $160,000.00 - $200,000.00

Work Type:

• Onsite — Oahu, HI; candidates must be based in or willing to relocate to Hawaii
• Up to 25% travel

What we will offer you: 

• Highly competitive salary
• Fully covered healthcare, dental, and vision coverage
• 401(k) and company match
• Take as you need PTO + 11 paid holidays
• Education & training benefits
• Generous Referral Bonuses
• And More!

Our Vision Statement: 

We bridge the gap between humans and data through radical transparency and our obsession with the mission. 

Our Customer Obsession: 

We will approach every deliverable like it's a product. We will adopt a customer-obsessed mentality. As we grow, and our footprint becomes larger, teams and employees will treat each other not only as teammates but customers. We must live the customer-obsessed mindset, always. This will help us scale and it will translate to the interactions that our Rafters have with their clients and other product teams that they integrate with. Our culture will enable our success and set us apart from other companies.

How do we get there? 

Public-sector modernization is critical for us to live in a better world. We, at Raft, want to innovate and solve complex problems. And, if we are successful, our generation and the ones that follow us will live in a delightful, efficient, and accessible world where out-of-box thinking, and collaboration is a norm. 

Raft’s core philosophy is Ubuntu: I Am, Because We are. We support our “nadi” by elevating the other Rafters. We work as a hyper collaborative team where each team member brings a unique perspective, adding value that did not exist before. People make Raft special. We celebrate each other and our cognitive and cultural diversity. We are devoted to our practice of innovation and collaboration.