Role Overview
We are seeking a skilled (SECURITY CLEARED) Python Infrastructure Engineer to support and enhance the infrastructure for a Python-based data and application platform. The ideal candidate will have strong Python skills alongside deep experience in Infrastructure as Code (IaC), cloud security, and CI/CD practices. You will play a key role in maintaining and evolving the infrastructure underpinning critical applications and data pipelines.
Key Responsibilities
* Codebase Management & Maintenance
* Maintain and enhance the existing digitall-land-python codebase, ensuring reliability, scalability, and compliance with coding standards.
* Collaborate with developers and data engineers to support application lifecycle and deployment workflows.
* Infrastructure as Code (IaC)
* Design and implement Terraform scripts to provision and manage cloud infrastructure (e.g., AWS, Azure, or GCP).
* Ensure infrastructure is modular, version-controlled, and reusable across environments.
* Infrastructure Security & Governance
* Establish and enforce infrastructure security best practices, including secure networking, encryption, and logging.
* Work with security teams to conduct threat modeling, penetration testing, and audit logging.
* Identity and Access Management (IAM)
* Implement and manage IAM policies and permissions for cloud-native applications and GitHub repositories.
* Define least-privilege access roles for both human and service identities, aligning with compliance requirements.
* Environment Configuration & Management
* Oversee changes to environment variables and secrets for multiple applications and Airflow DAGs, ensuring secure storage and controlled access.
* Maintain configuration consistency across dev, test, staging, and production environments.
Essential Skills & Experience
* Strong Python programming background with experience supporting infrastructure-heavy codebases.
* Proven experience with Terraform or similar IaC tools (e.g., Pulumi, AWS CloudFormation).
* Deep knowledge of cloud platforms (AWS, Azure, or GCP), with a focus on provisioning, security, and IAM.
* Familiarity with CI/CD tools (e.g., GitHub Actions, Jenkins, CircleCI) and Git-based workflows.
* Hands-on experience with Airflow, particularly DAG management and operational reliability.
* Solid understanding of DevOps, SRE, or platform engineering principles.
Desirable Experience
* Exposure to secrets management tools (e.g., AWS Secrets Manager, HashiCorp Vault).
* Experience managing GitHub organization permissions and automations via APIs or Terraform providers.
* Background in working with data engineering platforms or data lakes.
* Experience with containerization (Docker) and container orchestration (Kubernetes) is a plus.