Orion Innovation is a premier, award-winning, global business and technology services firm. Orion delivers game-changing business transformation and product development rooted in digital strategy, experience design, and engineering, with a unique combination of agility, scale, and maturity. We work with a wide range of clients across many industries including financial services, professional services, telecommunications and media, consumer products, automotive, industrial automation, professional sports and entertainment, life sciences, ecommerce, and education.
Role: Senior DevOps/ Infrastructure Engineer
Type: Remote working EST hours
Must be eligible for Secret Security Clearance
Job Overview
We are seeking a Senior Infrastructure Engineer with a deep specialization in Security Design to lead the evolution of our cloud-native ecosystem. In this role, you will be responsible for architecting, building, and maintaining highly available AWS infrastructure while ensuring that security is not an afterthought, but a core component of the design. You will bridge the gap between systems engineering and cyber defense, building resilient platforms that are "secure by design."
Key Responsibilities
- Lead the design and implementation of secure AWS infrastructure, ensuring VPC patterns, peering, and transit gateways follow strict security segmentation.
- Architect and manage production-grade EKS clusters using Docker and Kubernetes, implementing advanced security controls including OPA/Gatekeeper and workload identity.
- Design and maintain secure automation pipelines using GitHub Actions, ensuring security checks are integrated into the deployment lifecycle.
- Build and maintain central identity and access systems using Keycloak, integrating OIDC/OAuth and LDAP across the enterprise.
- Develop modular, reusable Terraform templates and YAML configurations that incorporate automated compliance checks and security best practices.
- Manage and secure Postgres DB instances, including encryption strategies and secret management workflows (AWS KMS) to ensure zero-trust data handling.
- Develop custom Python-based tooling to automate infrastructure audits, remediation of drift, and security response workflows.
Must-Have Qualifications
- 10+ years in Infrastructure or Systems Engineering with a proven track record of designing secure large-scale environments.
- Expert-level mastery of AWS, Kubernetes, and Docker.
- Mandatory proficiency in Python for infrastructure automation and security tool development.
- Hands-on experience building and managing pipelines with GitHub Actions.
- Expert-level Terraform experience and mastery of YAML for configuration management.
- Practical experience designing and deploying Keycloak and OIDC/OAuth protocols.
- Experience managing and securing Postgres relational databases.
Nice to Have
- Experience with Jenkins, Azure DevOps (ADO), or Ruby scripting.
- Proficiency in Bash or Shell for system-level maintenance.
- AWS Certified Solutions Architect or AWS Certified Security - Specialty.
- Experience designing for compliance frameworks such as SOC2, ISO 27001, or NIST.
Use of Artificial Intelligence in Hiring: The Company may use artificial intelligence (AI) enabled tools to assist with certain aspects of the recruitment process, such as resume screening and candidate matching. All employment decisions are made by human reviewers. The Company uses AI responsibly and in compliance with applicable employment, privacy, data protection, and human rights laws of Ontario.
Orion is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, gender identity or expression, pregnancy, age, national origin, citizenship status, disability status, genetic information, protected veteran status, or any other characteristic protected by law.
Candidate Privacy Policy
Orion Systems Integrators, LLC and its subsidiaries and its affiliates (collectively, “Orion,” “we” or “us”) are committed to protecting your privacy. This Candidate Privacy Policy (orioninc.com) (“Notice”) explains:
- What information we collect during our application and recruitment process and why we collect it;
- How we handle that information; and
- How to access and update that information.
Your use of Orion services is governed by any applicable terms in this notice and our general Privacy Policy.
