• Supports the Case Management Modernization (CMM) Program for the U.S. Courts by designing, implementing, and managing secure authentication and authorization frameworks • Ensures compliance with federal identity governance, FedRAMP, and Zero Trust Architecture (ZTA) principles • Collaborates with architecture, security, and DevSecOps teams to ensure access control and credential management are integrated across all layers of the CMM application ecosystem • Designs and maintains the identity architecture utilizing Keycloak • Implements federated identity and single sign-on (SSO) solutions using modern protocols (SAML, OAuth2.0, OIDC) • Configures directory services and identity providers (AWS Cognito, AWS IAM Identity Center, Azure AD, etc.) • Conducts access audits, user entitlement reviews, and anomaly detection to ensure least-privilege compliance

• Craft creative scalable cloud solutions for running millions of jobs, thousands of systems, and petabytes of storage. • Address exciting challenges in infrastructure such as Kubernetes, job scheduling, multi-region services, resource management, and automated recovery. • Create agentic workflows for infrastructure. • Collaborate with customers to understand their needs and develop innovative solutions that cater to their requirements.

Role Description We are looking for an experienced and versatile Infrastructure Engineer to join our team. This is a broad, hands-on role for someone who is comfortable operating across the modern infrastructure stack — spanning cloud platforms, virtualization, systems administration, automation, and network engineering. This role replaces a traditional network-only function and reflects how we think about infrastructure today: as an interconnected discipline where networking, computing, security, and automation are inseparable. You will be a key contributor to the reliability, scalability, and security of our platforms, and a go-to escalation point for complex infrastructure challenges. What You'll Do - Cloud & Hybrid Infrastructure - Support the maintenance of both on-prem and cloud infrastructure across AWS, Azure, or GCP including compute, storage, networking, and identity services. - Manage and optimize hybrid connectivity between on-premises environments and cloud platforms (VPN, ExpressRoute/Direct Connect, Transit Gateway). - Govern infrastructure as code (IaC) using tools such as Terraform or Pulumi, ensuring environments are reproducible and version-controlled. - Networking - Participate in ongoing management of network infrastructure including routers, switches, firewalls, and load balancers. - Manage and troubleshoot LAN/WAN, SD-WAN, VPN, BGP/OSPF, and VLAN environments. - Administer DNS, DHCP, and IP address management (IPAM) across hybrid environments. - Review and enforce network security policies, firewall rules, and segmentation strategies in collaboration with the security team. - Systems & Virtualization - Administer virtualized environments (VMware vSphere, Hyper-V, or equivalent) and container platforms (Kubernetes, Docker). - Manage server operating systems at scale across Linux (RHEL/Ubuntu) and Windows Server. - Monitoring, Reliability & Security - Maintain observability tooling including infrastructure monitoring, alerting, and log aggregation (e.g. Datadog, Prometheus/Grafana, Splunk, or similar). - Participate in an on-call rotation for infrastructure-level incidents, driving timely resolution and thorough post-incident reviews. - Contribute to backup, disaster recovery, and business continuity planning and testing. - Partner with the security team on vulnerability management, patching cadences, and hardening standards. - Automation & Continuous Improvement - Identify and drive automation opportunities to reduce toil and improve consistency across the infrastructure estate. - Contribute to capacity planning and infrastructure roadmap discussions. - Mentor P1/P2 engineers and share knowledge through internal documentation and team sessions. Qualifications - 4–7 years of experience in infrastructure, network engineering, or a related discipline. - Strong networking fundamentals and hands-on experience with enterprise network platforms (Cisco, Juniper, Palo Alto, Fortinet, or similar). - Proven experience with at least one major cloud platform (AWS, Azure, or GCP) — ideally with a cloud associate-level certification or equivalent practical experience. - Experience managing Linux and Windows Server environments in production. - Familiarity with containerization concepts and platforms (Docker, Kubernetes). - Experience with monitoring and observability tooling in a production environment. - Strong troubleshooting skills across network, compute, and storage layers. - Comfortable working in an on-call capacity for infrastructure incidents. Nice to Have - Working knowledge of infrastructure as code and configuration management tools (Terraform, Ansible, or similar). - Experience with SD-WAN platforms (e.g. Meraki, Viptela/Cisco SDWAN, VMware VeloCloud). - Scripting proficiency in Python, Bash, or PowerShell for automation. - Exposure to DevOps practices and CI/CD pipelines. - Experience in a zero-trust network architecture project. - Relevant certifications: CCNA/CCNP, AWS Solutions Architect, Azure Administrator (AZ-104), CKA, or equivalent. Compensation and Benefits - The salary range for this position is $115,000 – $173,000 per year, which represents the base pay the company reasonably and in good faith expects to pay for this role. - Actual pay within this range will be determined based on factors such as relevant experience, skills, and qualifications. - Depending on the position, employees may also be eligible to participate in a company bonus or commission plan. - All employees are eligible for a comprehensive benefits package, including medical, dental, and vision coverage, unlimited paid time off, and participation in the company’s 401(k) plan with employer contribution.

• Help own the full breadth of AWS cloud environment, network infrastructure, and internal IT operations. • Collaborate closely with platform engineering team to align infrastructure decisions with product goals. • Own and improve Site-to-Site VPN setup, including VPC architecture, route tables, subnets, and security groups for client connectivity. • Design and implement automated client onboarding experiences using templating and Infrastructure as Code. • Harden existing network configurations to improve security posture and reduce manual intervention for each new client connection. • Manage interface infrastructure supporting healthcare data integrations, ensuring availability, performance, and observability. • Continuously monitor and remediate security vulnerabilities across AWS resources — Lambdas, ECR images, EC2 instances, and beyond. • Patch and resolve critical and high-severity vulnerabilities in Python, C#, and Node.js codebases. • Maintain and improve HIPAA-compliant configurations across all cloud resources and services. • Manage device security, enrollment, and lifecycle including remote wipe capabilities and MDM tooling. • Own identity and access management across AWS (IAM), internal applications, and SaaS tools. • Support onboarding and offboarding workflows including provisioning and deprovisioning accounts, devices, and access.