Key skills
AIArtificial IntelligenceAnalyticsAWSAzureTerraformGitHub ActionsGitLab CIServerlessECSEKSCloudFormationEC2S3RDSIAMSplunkGitHubGitLabCI/CDResource Planning
About this role
DEFCON AI is an insights company leveraging artificial intelligence and data analytics for resilient optimization of complex systems. They are seeking an experienced Cloud Infrastructure Engineer to design, deploy, and administer cloud environments with a focus on virtualization, automation, and security.
Responsibilities:
- Administer and maintain AWS and/or Azure environments, including day-to-day operations of virtual machines, networking, and storage
- Manage VPCs, subnets, routing tables, security groups, NACLs, and private networking constructs
- Deploy, maintain, and optimize EC2 instances, RDS, S3, IAM, KMS, Secrets Manager, and CloudTrail
- Build and manage hardened VM images (AMIs / golden images) for consistent, repeatable deployments
- Implement and support high availability, auto-scaling, and disaster recovery configurations
- Support multi-account or multi-subscription cloud governance structures (e.g., AWS Organizations, Azure Management Groups)
- Design and maintain infrastructure using Terraform, including modular design, remote state management, and workspace strategies
- Lead or support migrations from legacy IaC tooling (e.g., CloudFormation) to modern frameworks
- Enforce policy-as-code guardrails and maintain version-controlled infrastructure repositories
- Build reusable, secure baseline modules for VPC architecture, IAM roles, logging, monitoring, and encryption
- Administer virtualized workloads across cloud environments, including sizing, patching, lifecycle management, and cost optimization
- Support container-based workloads in ECS and/or EKS, including cluster management, networking, and image security
- Assist with transitions from legacy compute paradigms (e.g., EBS-backed instances) to modern container or serverless architectures
- Implement automated drift detection and remediation for both VMs and containerized environments
- Identify and implement automation opportunities to reduce manual operational overhead and improve team velocity
- Integrate infrastructure provisioning and security controls into CI/CD pipelines (GitHub Actions, GitLab CI, or equivalent)
- Implement and maintain secure secrets management practices
- Collaborate with DevSecOps and application engineering teams to enforce least-privilege IAM policies and secure-by-default configurations
- Apply and maintain security hardening baselines (CIS Benchmarks, DISA STIGs) for Linux and Windows virtual systems
- Configure and monitor AWS CloudTrail, GuardDuty, Security Hub, Config, and centralized logging pipelines
- Support SIEM integration (e.g., Splunk, Microsoft Sentinel) and assist with incident response
- Maintain vulnerability management lifecycle including patching, remediation tracking, and reporting
- Support compliance efforts aligned with relevant frameworks (NIST 800-171, CMMC, HIPAA, SOC 2, or FedRAMP as applicable)
- Partner with development, security, and IT operations teams to deliver reliable, scalable services
- Produce and maintain thorough documentation — architecture diagrams, runbooks, SOPs, and evidence artifacts for audits or assessments
- Contribute to budget management, resource planning, and capacity forecasting for cloud environments