Technical Lead-Cloud & Infra Engg

Location

United States

Posted

1 day ago

Salary

0

Seniority

Lead

Job Description

Technical Lead-Cloud & Infra Engg

Birlasoft Limited

Role Description Linux Vulnerability Remediation Engineer (Server Infrastructure – RHEL 7/8/9/10) Remote, Fulltime Key Responsibilities - Vulnerability Remediation & Patch Management: - Own and execute end-to-end remediation for vulnerabilities identified on Linux servers (RHEL 7/8/9), including OS/package patching and configuration hardening. - Fast-track and manage all Meridian-related remediation requirements as they are received, ensuring adherence to defined SLAs and audit expectations. - Triage vulnerability findings (primarily from Qualys) and translate them into actionable remediation plans, considering exploitability, criticality, asset tiering, and operational risk. - Coordinate remediation activities for: - Kernel and package updates (YUM/DNF), security errata, and required reboots where applicable. - CIS/STIG-aligned configuration changes (as applicable in the environment). - Mitigations/compensating controls when immediate patching is not feasible (documented and approved per process). - Automation, Configuration Management & Engineering: - Develop, enhance, and maintain remediation automation using: - Chef (cookbooks/recipes, attributes, templates, policy files as applicable) - Ansible (playbooks, roles, inventories, modules) - Shell scripting (Bash) and Ruby for server-side automation and custom remediation logic - Convert recurring manual remediation steps into repeatable automated solutions and standardized runbooks. - Ensure code follows internal engineering standards: version control, peer review, testing, documentation, and change management. - Validation, Closure & Reporting: - Validate remediation effectiveness by re-scanning and verifying closure in Qualys (and/or approved internal validation methods). - Confirm fixes did not introduce regressions; coordinate with application and platform teams for post-change verification. - Maintain accurate documentation of remediation actions, approvals, exceptions, and closure evidence to support audit and compliance needs. - Provide progress updates, metrics, and risk status to stakeholders (e.g., open critical/high items, aging items, SLA adherence). - Cross-Team Coordination & Operational Execution: - Schedule and lead remediation calls with infrastructure support teams, application owners, and other stakeholders to drive timely execution. - Work within change management processes: create/execute change plans, develop rollback steps, and coordinate maintenance windows. - Partner with platform engineering to improve standard server baselines and prevent vulnerability recurrence. - Vendor & Release Coordination (as needed): - Follow up with vendors (e.g., Red Hat or software providers) for patch availability, release schedules, and remediation guidance when vulnerabilities require vendor action. - Track advisories (RHSA/RHBA) and coordinate planned rollout timelines where applicable. Qualifications - 6-10 years of Strong hands-on experience with RHEL 7/8/9/10 in enterprise environments. - Proven experience driving vulnerability remediation and patch management for Linux servers. - Expertise with Qualys (or equivalent vulnerability scanners) including interpreting findings, false-positive validation, and closure verification. - Automation experience with Chef and/or Ansible in production. - Strong scripting skills: Bash, plus working proficiency in Ruby (or ability to maintain/extend existing Ruby codebases). - Understanding of Linux security fundamentals (permissions, services, SSH hardening, package management, kernel considerations). - Experience working with change management, incident/problem management, and coordinating across multiple support teams. Preferred Qualifications - Familiarity with compliance/security frameworks (e.g., CIS benchmarks, STIG concepts) as applied to Linux servers. - Experience with CI/CD or automated testing for infrastructure code (linting, unit/integration testing where applicable). - Experience operating in large-scale environments (hundreds/thousands of servers) with tiered production controls. - Working knowledge of container host hardening and server-side runtime dependencies (if applicable to the server fleet). Key Skills & Competencies - Remediation prioritization and risk-based decision making. - Strong troubleshooting and root-cause analysis (package conflicts, dependency issues, service impacts). - Clear communication and ability to drive closure across stakeholders. - Documentation discipline and audit readiness mindset. - Ability to deliver under tight timelines while maintaining system stability. Deliverables / Success Measures - Reduction in open Patch NOW/Critical/High vulnerabilities and improved SLA compliance. - Consistent, repeatable remediation through Chef/Ansible automation. - Verified closures in Qualys with clear evidence and minimal re-open rates. - Improved remediation cycle time for Meridian requirements and other prioritized findings. - Fewer recurring vulnerability patterns through baseline improvements and preventive controls.

Related Categories

Related Job Pages

More Cloud Engineer Jobs

Kinaxis logo

Senior Cloud Engineer, Cloud Platform

Kinaxis

Powering the world's supply chains.

Full TimeRemoteTeam 1,001-5,000H1B Sponsor

• Solve complex challenges as a trusted technical lead. • Drive a DevOps mindset and collaboration within the Cloud Platform Engineering Team. • Develop and enhance cloud reference architectures and guide teams on implementation. • Participate in architectural decisions, improve CI/CD pipelines, and build secure, high-performing, resilient, and efficient cloud infrastructure. • Collaborate with cross-functional teams to streamline delivery processes, enhance services, and provide a seamless experience through self-service and modern approaches. • Mentor and lead team members to achieve excellence in industry best practices. • Lead code and design reviews for high-quality deliverables. • Help plan and coordinate day-to-day team activities using Scrum methodologies, including monitoring and triaging work, defining and tracking KPIs, facilitating team discussions and demos, and removing impediments. • Stay up to date with the latest cloud technologies and trends.

Canada
SOSi logo

Cloud Engineer

SOSi

Challenge Accepted

Cloud Engineer2 days ago
Full TimeRemoteTeam 1,001-5,000Since 1989H1B No Sponsor

Role Description SOSi is seeking a Cloud Engineer to support mission requirements for a structured approach to further develop, integrate, and sustain a scalable, federated data ecosystem that enhances interoperability, governance, and mission-driven analytics for a DoD customer. The primary objective of the program is to bridge the operational gaps between DoD, IC, interagency, and non-traditional international partners to enable real-time information sharing, dynamic data integration, and mission-tailored analytical capabilities. - The contractor shall design, deploy, and maintain secure cloud environments in AWS and Azure, ensuring compliance with DoD cloud security frameworks and best practices. - The contractor shall configure identity and access management (IAM) solutions, enforce role-based access controls (RBAC), and manage cloud security groups and firewalls. - The contractor shall optimize cloud networking configurations, including VPC peering, VPNs, and cross-domain connectivity to ensure secure and efficient cloud operations. - The contractor shall support the development of Infrastructure-as-Code (IaC) solutions using Terraform, CloudFormation, or ARM templates to automate secure cloud deployments. - The contractor shall contribute to the Cloud Security & Performance Optimization Report, detailing cloud security configurations, resource utilization efficiencies, and compliance measures. - The contractor shall track and report Kubernetes and other workload-specific cloud resource usage by Work Order, using GovCloud-native observability tools (e.g., Azure Monitor, AWS CloudWatch, Cost Explorer). - The contractor shall coordinate with other Work Order contractors (e.g., WO-003) to reconcile prepay or reservation usage against actual consumption and provide monthly reports on compute and storage allocation, tagging compliance, and projected costs. - The contractor shall advise the Government on workload placement and optimization strategies across IL2, IL4, and IL5 environments to reduce cost while maintaining performance and security compliance. - The contractor shall provision and maintain IL2, IL4, and IL5 GovCloud infrastructure using native Azure and/or AWS tools where feasible. - The contractor shall implement cloud-native services for monitoring (e.g., CloudWatch, Azure Monitor), cost tracking, and compliance automation to support scalability, security, and chargeback alignment. - The contractor shall provision infrastructure in coordination with other Work Orders. - The contractor shall provision and manage shared container environments and storage for dependent Work Orders, ensuring secure, efficient resource allocation and cross-Work Order operability. Qualifications - Knowledge and capability to design, deploy, and maintain GovCloud-based infrastructures across AWS and Azure, ensuring high availability, scalability, and security for mission-critical applications. - Required expertise includes cloud architecture, networking, virtualization, containerization, and security best practices, with proficiency in Infrastructure-as-Code (IaC) solutions such as Terraform or AWS CloudFormation. - Personnel must have experience in hybrid and multi-cloud configurations, including Virtual Private Cloud (VPC) peering, identity management (IAM), and cross-domain solutions. - Strong expertise in the Authority to Operate (ATO) process is required, including preparing security documentation, conducting compliance assessments, and maintaining continuous monitoring per DoD Risk Management Framework (RMF), NIST 800-53 Rev. 5, FedRAMP, and DoD IL-4/IL-5 security mandates. - Personnel must also optimize cloud resources for compute, storage, and networking efficiency while ensuring full compliance with DoD governance policies. - Bachelor’s degree in Computer Science, Information Systems, or a related field, or five (5) years of equivalent experience in cloud engineering. - Personnel must have experience designing, deploying, and managing AWS and Azure cloud environments with a focus on security, automation, and scalability. - Required expertise includes Identity and Access Management (IAM), role-based access control (RBAC), Zero Trust Architecture (ZTA), and cloud networking configurations such as VPC peering, subnets, VPNs, and security groups. - Personnel must demonstrate proficiency in Infrastructure-as-Code (IaC) tools like Terraform, CloudFormation, or ARM templates, ensuring secure and scalable deployments. - Experience supporting Authority to Operate (ATO) processes is required, including preparing System Security Plans (SSP), Security Assessment Reports (SAR), and Plans of Action & Milestones (POA&M), and maintaining compliance with DoD governance frameworks and NIST requirements. - Personnel must also collaborate with cybersecurity teams to implement security controls in accordance with FedRAMP, RMF, and DoD IL-4/IL-5 security mandates, while optimizing cloud resource allocation for efficiency. Preferred Qualifications - Preferred certifications include AWS Certified Solutions Architect – Associate, Microsoft Certified: Azure Solutions Architect Expert, and Google Professional Cloud Architect. Work Environment - Offsite/Remote. Clearance Requirement - None Compensation - USD 86568 - USD 179795 yearly

United States
$86.6K - $179.8K / year
Veeam Software logo

Senior Territory Manager, Veeam Cloud and Service Provider

Veeam Software

Your Single Backup and Data Management Platform for Cloud, Virtual and Physical

Cloud Engineer2 days ago
Full TimeRemoteTeam 1,001-5,000Since 2006H1B Sponsor

• Own and achieve a revenue-based sales quota by driving new business acquisition, partner expansion, and recurring revenue growth across the assigned VCSP territory. • Recruit, onboard, and develop new Cloud, Hosting, Managed Service, and Service Provider partners into the Veeam Cloud & Service Provider Program. • Grow strategic partner relationships by identifying new business opportunities, expanding Veeam solution adoption, and increasing cloud service consumption. • Build and execute comprehensive partner business plans covering sales, marketing, enablement, go-to-market initiatives, financial objectives, and growth strategies. • Collaborate with Systems Engineers and regional sales teams to qualify opportunities, deliver technical presentations, and successfully close complex sales engagements. • Engage executive stakeholders to develop trusted advisor relationships and position Veeam as the strategic platform for data resilience and cloud services. • Drive partner enablement by helping providers build differentiated Veeam-powered service offerings that deliver business value to their customers. • Maintain an accurate sales pipeline, forecast, and account activity within Salesforce CRM. • Represent Veeam at partner meetings, executive briefings, regional events, and industry conferences, serving as a trusted advisor and VCSP subject matter expert. • Work cross-functionally with Sales, Channel, Marketing, Product, and Customer Success teams to accelerate partner success and revenue growth.

Argentina
Devsu logo

Cloud Architect – Enterprise AI, Modernization

Devsu

Devsu is a technology agency that provides software development services, IT augmentation and staffing.

Cloud Engineer2 days ago
Full TimeRemoteTeam 51-200H1B No Sponsor

• Define and maintain enterprise cloud architecture across Azure environments, establishing standards for networking, security, IAM, and resource organisation. • Evaluate and guide platform strategy across Azure, Snowflake, Databricks, and related tooling. • Establish architectural principles for AI-enabled applications, ensuring systems are API-driven, modular, and scalable. • Identify architectural constraints that limit autonomous/agent workflows and create reference patterns for AI-to-production transitions. • Guide the evolution of CI/CD pipelines, including potential GitHub Enterprise migration, ensuring deployment patterns are scalable, secure, and repeatable. • Define application architecture standards (front-end, APIs, services) and implement lightweight governance for AI-generated code before production. • Quantify and manage technical debt across systems, reducing key-person dependencies in infrastructure design.

Colombia