Python Infrastructure Engineer (SC CLEARED)

Role Overview

We are seeking a skilled (SECURITY CLEARED) Python Infrastructure Engineer to support and enhance the infrastructure for a Python-based data and application platform. The ideal candidate will have strong Python skills alongside deep experience in Infrastructure as Code (IaC), cloud security, and CI/CD practices. You will play a key role in maintaining and evolving the infrastructure underpinning critical applications and data pipelines.

Key Responsibilities

• Codebase Management & Maintenance
• Maintain and enhance the existing digitall-land-python codebase, ensuring reliability, scalability, and compliance with coding standards.
• Collaborate with developers and data engineers to support application lifecycle and deployment workflows.
• Infrastructure as Code (IaC)
• Design and implement Terraform scripts to provision and manage cloud infrastructure (e.g., AWS, Azure, or GCP).
• Ensure infrastructure is modular, version-controlled, and reusable across environments.
• Infrastructure Security & Governance
• Establish and enforce infrastructure security best practices, including secure networking, encryption, and logging.
• Work with security teams to conduct threat modeling, penetration testing, and audit logging.
• Identity and Access Management (IAM)
• Implement and manage IAM policies and permissions for cloud-native applications and GitHub repositories.
• Define least-privilege access roles for both human and service identities, aligning with compliance requirements.
• Oversee changes to environment variables and secrets for multiple applications and Airflow DAGs, ensuring secure storage and controlled access.
• Maintain configuration consistency across dev, test, staging, and production environments.
• Strong Python programming background with experience supporting infrastructure-heavy codebases.
• Proven experience with Terraform or similar IaC tools (e.g., Pulumi, AWS CloudFormation).
• Deep knowledge of cloud platforms (AWS, Azure, or GCP), with a focus on provisioning, security, and IAM.
• Familiarity with CI/CD tools (e.g., GitHub Actions, Jenkins, CircleCI) and Git-based workflows.
• Hands-on experience with Airflow, particularly DAG management and operational reliability.
• Solid understanding of DevOps, SRE, or platform engineering principles.
• Exposure to secrets management tools (e.g., AWS Secrets Manager, HashiCorp Vault).
• Experience managing GitHub organization permissions and automations via APIs or Terraform providers.
• Background in working with data engineering platforms or data lakes.
• Experience with containerization (Docker) and container orchestration (Kubernetes) is a plus.