• Own the organization's security posture. Define, implement, and maintain the controls, policies, and practices that keep Counterpart secure across human and agentic interactions. • Own our SOC 2 Type 2 and HIPAA compliance programs. Manage and automate audits, maintain evidence, and extend our compliance posture as the business and the threat surface grow. • Stay ahead of emerging threats and regulations. Continuously evaluate our security posture against new attack vectors, including data poisoning, adversarial inputs, and agent hijacking. Track how AI security standards and regulatory requirements are evolving and get ahead of them before they become mandatory. • Own IT operations end-to-end, from onboarding to offboarding. Manage and automate device procurement and provisioning, access controls, identity management, and the internal tooling stack. • Own platform infrastructure security as a hands-on member of the DevOps team. • Build and maintain sandbox architecture that allows safe experimentation without risking production systems. • Design and implement secure environments for AI agent workloads, including trust boundaries, defenses against prompt injection, data exfiltration, and other unexpected behaviors.

Description ICF is a mission-driven company filled with people who care deeply about improving the lives of others and making the world a better place. Our core values include Embracing Difference; we seek candidates who are passionate about building a culture that encourages, embraces, and hires dimensions of difference. Our Health Engineering Solutions (HES) team works side by side with customers to articulate a vision for success, and then make it happen. We know success doesn't happen by accident. It takes the right team of people, working together on the right solutions for the customer. We are looking for a seasoned SRE to establish a culture of improvement in observability and reliability. You will work closely with software engineering teams to ensure that applications, databases, pipelines and APIs run reliably. You will be expected to create, set, and exceed service level objectives as key indicators of application health. You will be working on a mission critical software program whose goal is to support the ecosystem of Centers for Medicare & Medicaid Services (CMS). Our core work hours are 10am - 4pm Eastern Time with the option to start earlier or work later depending on your time zone. Key Responsibilities: - Define and maintain SLIs, SLOs, and SLAs for the Internet-based Quality Improvement and Evaluation System (iQIES) application. - Performance tuning that will model load scenarios, forecasting capacity, and optimize scaling strategies - Design and optimize the observability stack through New Relic, CloudWatch, and Jenkins CI/CD pipelines - Participate in root cause analysis for operational issues and improve incident response process - Participate in creating, monitoring, and optimizing actionable alerts to respond to issues in a timely manner - Develop tools and scripts - Develop and maintain Jenkins CI/CD pipelines, using declarative Jenkinsfiles and foundational Groovy for pipeline logic and enhancements - Deploy services to Fargate, EKS, Lambda, Airflow, Databases - Manage security groups and access controls. Thoroughly understand fundamentals like security groups, IAM, managing RDS - Apply patch management and hardening practices - Align with DevOps and Technical Leads to ensure overall strategy - Actively participate in releases and product launches with expectation of being online during release windows Required Qualifications - 5+ years experience in a software development environment and a Bachelor’s degree; OR 3+ years experience in a software development environment and a Master’s degree - 5+ years supporting a high‑availability production environment (cloud or on‑prem) - 3+ years of working in a SRE role in a large scale cloud implementing high availability and scalability - 3+ years of experience focused on SRE, DevOps, or Platform Engineering - Must be able to obtain and maintain a public trust clearance - Candidate must reside in the US, be authorized to work in the US, and work must be performed in the US - Must have lived in the US 3 full years out of the last 5 years Preferred Qualifications - Previous work in a regulated healthcare or federal agency environment - Full stack web development experience - Expert in deployment techniques to minimize down-time like Blue-Green, Canary, A/B testing approaches, and zero downtime deployments - Understanding of security groups and access controls - Experience with Atlassian tooling such as Jira and Confluence  Professional Skills and Tools: - Cloud platform experience with AWS - Observability: CloudWatch, New Relic or similar - Infrastructure: Kubernetes, Docker - IaC: Terraform - CI/CD: Git, Jenkins or GitHub Actions - Database: SQL relational database - Docker: Thorough understanding of Docker and Docker Compose. Understand best practices, caching, volume mounts, etc - Highly effective analytical, problem-solving, and decision-making capabilities. - Strong written and verbal communication skills  - Ability to clearly articulate and communicate complex technical ideas to non-SRE colleagues.  - Ability to understand project requirements and be innovative in finding solutions in highly regulated government environments.  - Flexibility and the ability to accept a change in priorities as necessary.  - Demonstrated time management skills.  - Strong organizational skills with attention to detail.  Job Location: This position requires that the job be performed in the United States. If you accept this position, you should note that ICF does monitor employee work locations and blocks access from foreign locations/foreign IP addresses, and also prohibits personal VPN connections. Working at ICF ICF is a global advisory and technology services provider, but we’re not your typical consultants. We combine unmatched expertise with cutting-edge technology to help clients solve their most complex challenges, navigate change, and shape the future. We can only solve the world's toughest challenges by building a workplace that allows everyone to thrive. We are an equal opportunity employer. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO policy. We will consider for employment qualified applicants with arrest and conviction records. Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation, please email Candidateaccommodation@icf.com and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.  Read more about workplace discrimination rights or our benefit offerings which are included in the Transparency in (Benefits) Coverage Act. Candidate AI Usage Policy At ICF, we are committed to ensuring a fair interview process for all candidates based on their own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) tools to generate or assist with responses during interviews (whether in-person or virtual) is not permitted. This policy is in place to maintain the integrity and authenticity of the interview process.  However, we understand that some candidates may require accommodation that involves the use of AI. If such an accommodation is needed, candidates are instructed to contact us in advance at candidateaccommodation@icf.com. We are dedicated to providing the necessary support to ensure that all candidates have an equal opportunity to succeed.   Pay Range - There are multiple factors that are considered in determining final pay for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position. The pay range for this position based on full-time employment is: $108,476.00 - $184,409.00 Nationwide Remote Office (US99)

• Operate and support enterprise compute platforms across hardware, OS, virtualization, and container orchestration layers • Deploy and maintain bare metal server infrastructure for Ubuntu OS with Kubernetes and hypervisors including Openstack & Harvester • Implement and maintain PXE-based provisioning environments leveraging Redfish APIs for large-scale server deployments • Install, patch, and maintain operating systems including Ubuntu and Harvester • Operate and support virtualization and private cloud platforms, including KVM on Ubuntu, OpenStack environments and Harvester HCI • Develop Infrastructure-as-Code using Ansible, Terraform, Helm and Git, with Python/Bash automation. • Implement CI/CD pipelines for infrastructure updates, patching, upgrades, testing, and rollback. • Perform firmware updates, patch management, and hardware health validation • Monitor system performance, capacity, and availability; proactively address reliability risks • Troubleshoot complex cross-stack issues spanning hardware, OS, virtualization, OpenStack, and Kubernetes • Manage to SLAs, KPIs and error budgets • Participate in on-call escalation support for complex platform-related issues • Collaborate globally on change management, documentation, and operational best practices. • Develop and maintain runbooks, operational procedures, and technical documentation

Workstate is seeking a DevOps Engineer with deep experience designing, implementing, and operating deployment pipelines built around Bazel. This role focuses on Bazel as part of a build, packaging, artifact, and release platform, including reproducibility, remote caching/execution, CI/CD integration, dependency management, environment promotion, and operational reliability. In addition to Bazel expertise, strong experience with AWS, Terraform, and modern DevOps practices is highly valued. Residents of the United States with the right to work without need for visa sponsorship are eligible for this role.