• Design, deploy, and maintain VM and Kubernetes infrastructure on GCP and AWS across dozens of clusters spanning development, staging, and production environments in multiple regions. • Coordinate with your peers in your direct team as well as across teams to ensure that the tasks you’re working on are going to solve the problems that we need them to solve. • Build and maintain Infrastructure as Code (IaC) using Terraform modules, managing resources through Spacelift or equivalent Terraform Automation and Collaboration Software (TACOS). Provision cloud infrastructure including networking, compute, storage, and security components primarily on GCP, with secondary AWS support. • Implement and manage workflows with sophisticated multi-layer configuration management. • Build and maintain comprehensive observability solutions using Grafana Cloud, Prometheus/Mimir, and OTel collectors. Design Grafana dashboards, configure alerting rules, and ensure visibility across all platform components. • Manage certificate lifecycle, DNS automation, ingress controllers, and service mesh networking with Cilium. • Partner with Engineering, Product, Compliance, and Security teams to design resilient, scalable systems. Consult on capacity planning, disaster recovery, and architectural decisions for cloud-native applications. • Identify and eliminate toil through automation. Write scripts, develop tools, and build CI/CD pipelines to improve operational efficiency and reduce manual work. • Participate in a 24x7 on-call rotation as part of a globally distributed team, responding to incidents and driving post-incident reviews.

• Provide critical technical recommendations to resolve complex issues and guide strategic technology decisions for the PMO and ESMC • Conduct comprehensive analyses of alternatives (AoA) for data analytics, visualization, and AI/ML platforms, advocating for Commercial-off-the-Shelf (COTS) or Government-off-the-Shelf (GOTS) solutions where practical • Lead long-term strategy, technology roadmap planning, and capacity planning to ensure the infrastructure meets future business goals • Continuously monitor technical trends through independent research, reporting on new products and services that align with strategic goals • Translate complex technical concepts into clear, actionable insights for non-technical stakeholders through briefings, whitepapers, and reports • Perform periodic technical assessments of programs and projects, evaluating status, progress, work product quality, and schedule and cost management • Design, implement, and manage a secure, scalable multi-cloud and hybrid hosting infrastructure, ensuring high availability and performance • Provide expertise on enhancing application architecture to leverage Cloud Native solutions (e.g., ElasticSearch, Kibana, containerization) and optimize for performance and cost on AWS GovCloud • Assist in the sizing of application components, usage estimates, and technical support configurations • Identify system component incompatibilities and recommend solutions for seamless integration during technology upgrades • Collaborate with the Cybersecurity team to implement robust security protocols, manage access controls, conduct vulnerability assessments, and respond to incidents. • Ensure all infrastructure, technical specifications, and designs meet and maintain compliance with DoD, DLA, and other relevant government security standards • Evaluate technical specifications (i.e., design, database components, interface designs) to provide expert guidance and ensure industry best practices are met

Role Description - Fachliche Führung eines Infrastruktur Teams - Verantwortung für den stabilen und sicheren Betrieb von IT-Infrastrukturen - Unterstützung bei der Ausrichtung des Teams für den Betrieb als auch Projektunterstützungsaufgaben - Planung und Umsetzung von Security-Architekturen mit Lösungen der genua GmbH - Steuerung von Incidents, Eskalationen und Changes - Technische Unterstützung bei komplexen Störungen und Sicherheitsvorfällen - Weiterentwicklung von Betriebsprozessen (z. B. nach ITIL) - Beratung von Kunden zu sicheren Infrastruktur- und Netzwerkarchitekturen - Unterstützung im Presales (z. B. bei Angeboten und technischen Konzepten) - Sicherstellung von SLAs, Verfügbarkeit und Servicequalität Qualifications - Studium der Informatik, Wirtschaftsinformatik oder eine vergleichbare Qualifikation und relevante Berufserfahrung im Bereich IT-Infrastruktur/IT-Security - Erfahrung im Betrieb von Kundenumgebungen (idealerweise Managed Services) - Kenntnisse von regulatorischen Anforderungen (z. B. KRITIS, BSI) von Vorteil - Führungserfahrung (fachlich) - Gute Kenntnisse in IT-Infrastrukturen (Netzwerke, Server, Virtualisierung) - Erfahrung mit IT-Sicherheitslösungen, insbesondere Firewalls und VPN - Erfahrungen mit Infrastrukturkomponenten im Kontext von Einsatzzulassung - Geheimschutz bis Stufe VS-NfD - Idealerweise Erfahrung mit Lösungen der genua GmbH oder vergleichbaren Herstellern - Erfahrungen mit modernen Schlüsselmanagement-Konzepten - Erfahrung mit Konfiguration/Rollout & Betrieb von gehärteten Client-Systemen - Verständnis moderner Sicherheitskonzepte (z. B. Zero Trust, Netzwerksegmentierung) - Erfahrung im Betrieb und Monitoring von IT-Systemen Benefits - Weiterbildung - individuelle Weiterentwicklungs- und Weiterbildungsmöglichkeiten, zielgerichtetes Training on the Job, interessante und abwechslungsreiche Aufgaben - Work-Life-Balance - flexible Arbeitszeiten und hybrides Arbeiten - Arbeitsatmosphäre - kurze Kommunikations- und Entscheidungswege, Duz-Kultur, regelmäßige Feedbackgespräche - Sicherheit - ein unbefristetes Arbeitsverhältnis mit attraktiver Vergütung - Finanzielle Vorsorge - Zuschuss zur Betrieblichen Altersvorsorge - Mitarbeitende werben Mitarbeitende - Empfehlungsprogramm mit attraktiver Prämie - Verkehrsgünstige Lage - gute Anbindung an den ÖPNV und die Autobahn - JobRad - Möglichkeit, ein E-Bike, Rennrad oder Mountainbike zu leasen - Team- und Sportevents - Firmenfeste und Sponsoring von Firmenläufen

Title: Senior Infrastructure Security Engineer Location: Remote - USA United States Job Description: Summary: We are currently seeking a Senior Infrastructure Security Engineer to join our rapidly growing Security team. This role is for someone passionate about building proactive security solutions, implementing detection capabilities, and driving security automation at scale. You will be exposed to new challenges and technologies while making a tangible impact. This role is open to candidates across North America (US and Canada). If you are located near one of our hubs (Burnaby, Calgary, or Toronto), you will be expected to work in the office a minimum of twice per week on our designated Anchor Days. Who you are: Are you someone who’s always probing and asking why, someone who enjoys finding smarter and more efficient solutions to problems? If so, we have a spot for you on Clio’s security team! We are looking for the right candidate to develop and run our security architecture and engineering program, and be an advocate and advisor for security overall. If you have a strong operations background with a passion for security and experience in cloud-first environments, then we want to talk to you. A day in the life might look like: - Implement and maintain security controls across AWS/Azure, focusing on EKS/AKS cluster security, EC2 hardening, and cloud-native protection - Partner with the cloud security manager to plan and develop the team’s road map - Develop and tune rules for cloud-specific threats, manage GuardDuty/Defender integration, and build automated response workflows - Investigate potential security incidents and serve as initial incident responder - Provide architectural guidance for securing our user environments and maintaining a good security posture - Secure Kubernetes workloads, implement pod security standards, and integrate security scanning into CI/CD pipelines - Stay up-to-date with current methods of cloud compromise, tools, tactics, and procedures - Work in a small team where you can make a big impact What you may have: - Cloud Security expertise with 3+ years in securing AWS environments - Hands-on expertise with Kubernetes and/or EKS, including autoscaling, CI/CD, and automation - Adept at using IaC technologies like Terraform, Puppet, CloudFormation, or Ansible - Skilled in securing cloud infrastructure such as AWS, GCP/GSuite, GitHub, and IdP - Familiarity in a cloud-first organization, including experience with AWS and/or GCP - Ability to program in a dynamic programming language: Python, Ruby - Strong understanding of threat vectors, indicators of compromise, malicious behaviour identification, and emerging threat analysis. - Strong Linux experience - Demonstrate a keen interest in improving your craft by using AI Serious bonus points if you have: - Strong Azure and/or GCP security experience to go with your AWS Experience - Any security certifications such as AWS Security Specialist, OSCP, CKS, GCPN, CISSP or others - Experience with Ruby on Rails, Puppet, Terraform, ELK (Elastic/OpenSearch, Logstash and Kibana) - Infrastructure security (firewalls, ACLs, authentication, device hardening) - Container Security Tools familiarity with Falco, OPA/Gatekeeper, container image scanning, and runtime protection This role is a backfill for an existing position. What you will find here: Compensation is one of the main components of Clio’s Total Rewards Program. We have developed a series of programs and processes to ensure we are creating fair and competitive pay practices that form the foundation of our human and high-performing culture. Some highlights of our Total Rewards program include: - Competitive, equitable salary with top-tier health benefits, dental, and vision insurance - Hybrid work environment, with expectation for local Clions (Vancouver, Calgary, Toronto, Dublin, London, New York City and Sydney) to be in office min. twice per week. - Flexible time off policy, with an encouraged 20 days off per year. - $2000 annual counseling benefit - RRSP matching and RESP contribution - Clioversary recognition program with special acknowledgement at 3, 5, 7, and 10 years The expected salary range* for this role is $166,000 to $195,300 to $224,600 USD. There are a separate set of salary bands for other regions based on local currency. *Our salary bands are designed to reflect the range of skills and experience needed for the position and to allow room for growth at Clio. For experienced individuals, we typically hire at or around the midpoint of the band. The top portion of the salary band is reserved for employees who demonstrate sustained high performance and impact at Clio. Those who are new to the role may join below the midpoint and develop their skills over time. The final offer amount for this role will be dependent on geographical region, applicable experience, and skillset of the candidate.