• Design and Implement Infrastructure as Code (IaC): Utilize Terraform to automate and manage infrastructure across Azure and Cloudflare, ensuring consistent and scalable deployments. • Database Management: Oversee PostgreSQL DB operations and automate DB-related tasks to streamline database management. • Message Queue Configuration: Deploy and configure message queues to facilitate efficient data processing and communication between services. • CI/CD Pipeline Management: Develop and maintain CI/CD pipelines using GitHub Actions, automating the software delivery process to improve deployment efficiency. • Infra Security and Management: Ensure security across the infrastructure, enforcing RBAC practices and applying best practices for compliance and security within the DevOps lifecycle. • Monitor, Optimize, and Ensure Observability of System Performance: Implement and maintain monitoring and observability solutions to track and optimize system performance, identify bottlenecks, and maintain system health. • Troubleshoot and Resolve Infrastructure Issues: Quickly diagnose and resolve any infrastructure-related issues, ensuring minimum disruption to our services.

• Create, maintain and evolve Terraform modules for provisioning the data infrastructure. • Manage state management, workspaces and infrastructure versioning best practices. • Ensure reproducible, auditable and traceable infrastructure via code. • Provision and manage networks (VPCs, subnets, firewall rules) following security best practices. • Configure IAM: roles, policies and service accounts with the principle of least privilege. • Manage Google Cloud Storage (GCS) as the storage layer for the data platform. • Ensure compliance with cloud security and governance policies. • Provision and configure Databricks workspaces via Terraform/IaC. • Manage clusters, jobs, notebooks and permissions on the platform. • Integrate Databricks with GCP infrastructure (service accounts, VPC, GCS, IAM). • Build and maintain CI/CD pipelines for infrastructure (GitHub Actions or similar). • Apply GitOps practices: all infrastructure changes via Pull Request with review and automated validation. • Ensure secure and auditable deployment across multiple environments (dev/staging/prod). • Implement secrets and credential management following best practices (Secret Manager, Vault, etc.). • Automate and standardize environments to ensure consistency and eliminate manual configuration. • Support the data team with reliable, self-service infrastructure.

• Provide DevSecOps platform services that integrate security, compliance, and monitoring into all phases of cloud infrastructure and data products lifecycle management • Integrate IT Security Office approved-automated security controls, orchestrating vulnerability management, administering policy compliance, and providing continuous monitoring • Maintain secure and stable systems that enable continuous integration and delivery and reduce operational risk and support enterprise agility • Perform continuous scanning of all source and executable repositories for evolving threats detected after services are implemented • Ensure all code and IaC changes are version-controlled, peer-reviewed, security-scanned, and approved before promotion to production • Maintain continuous monitoring and alerting for all production deployments, with rollback procedures in place • Provide CI/CD pipeline and workflows for building, testing, and deploying. Promote workloads across environments with automated controls and approvals • Integrate security and compliance checks into CI/CD pipelines • Document all DevSecOps processes, standards, and toolset configurations, and maintain version-controlled documentation accessible to stakeholders • Integrate change control gates into the automated CI/CD workflow, with appropriate controls to prevent unauthorized or unreviewed code deployments to production • Coordinate with AO teams to establish and maintain standards for DevSecOps processes and toolsets, ensuring integration and interoperability across the enterprise ecosystem • Facilitate integration with third-party development, operations, and security tools to enable end-to-end visibility and control • Provide comprehensive end-user guides and training content for containerized pipeline features and security practices for the development team members • Conduct regular review and updates of DevSecOps practices and toolsets to incorporate emerging technologies, threat intelligence, and lessons learned • Create DevSecOps metrics reports (example: deployment frequency, mean time to resolution, vulnerability remediation time) to demonstrate effectiveness and drive improvement

Role Description Reporting directly to Security Engineering Management and under the general supervision by Information Security Office Leadership, this role will be responsible for building, maintaining, and ensuring the availability of our Elasticsearch and security application stacks. General duties will include, but are not limited to: - Lead the design, deployment, patching, and maintenance of Elasticsearch, analytics, and automation infrastructure. - Create and maintain application stack documentation. - Collaborate with security operations, product development, and other engineering teams. - Support the lifecycle of security application stacks. - 24/7 availability during scheduled on call for emergencies. Qualifications - Strong understanding of Elasticsearch, Logstash, Kibana, and the Beats stack. - Experience with Python, BASH, and other programming/scripting languages. - Experience with Cloud platforms including AWS, Azure, GCP. - Experience with Containerized applications and supporting infrastructure (K8s, Docker, etc.) - Experience with Big data platforms, data lakes, and managing data at scale. - Experience with Linux administration (Debian, Ubuntu, RedHat). - Experience with Webservers, proxies, and load balancers. - Experience with Security hardening and vulnerability remediation. - Basic understanding of AI LLMs, ML, and related technologies. Requirements - Experience with the following technologies: - SAST, DAST - Linters - Terraform - Secrets management - Infrastructure as code - Systems Administration - Active Directory - Windows and Linux Servers. - Experience with the following technical concepts: - Sharding - ILM - HA/DR/Fault tolerance - Security Automation - Defense in depth/Zero Trust - Compliance requirements (NIST/PCI/HIPAA/etc.) - Experience with the following administrative concepts: - Agile/Scrum project management - Documentation/Learning management - Process management Working Condition Requirements - Remote Office environment - Ability to prioritize and organize effectively - Ability to work on multiple projects simultaneously - Ability to work both independently and with others - Ability to operate in a fast moving, team-oriented, collaborative environment with tight deadlines Pay Transparency TierPoint is committed to practices that promote pay equity and transparency. We provide a compensation range for roles that may be hired in locations with pay transparency law requirements. It’s important to note the pay range may be narrower than displayed, as various factors are used to determine the offered compensation package including skill set, level of experience, geographic locations, and other relevant factors- i.e. budgetary requirements. Pay Range $111,716.54 - $167,574.81