Systems Engineer - Container Platform - Contingent
Aretum
McLean, VARemote$82,000 - $91,000 a yearFull Time
Job Description
About Aretum
Aretum is a mission-driven organization committed to delivering innovative, technology-enabled solutions to our customers across defense, civilian, and homeland security sectors. Our teams work at the intersection of strategy, technology, and transformation, helping agencies solve their most critical challenges. We believe in investing in our people and creating a culture where collaboration, inclusion, and professional growth are at the forefront.
Job Summary
Lead the deployment, hardening, and operational management of containerized applications on AWS ECS or OpenShift platform for a Federal cloud environment. Responsible for evaluating and hardening vendor-supplied containers, implementing container orchestration infrastructure-as-code, and establishing secure, compliant container operations that support millions of client transactions while meeting RMF/ATO requirements.
Due to the nature of our work as a federal consulting organization, employees may be expected to handle Controlled Unclassified Information (CUI) and must adhere to applicable safeguarding and compliance requirements.
Responsibilities
Deploy, configure, and manage AWS ECS or OpenShift container orchestration platform in production Federal environment
Evaluate vendor-supplied container images for security vulnerabilities, compliance gaps, and operational requirements
Implement container hardening strategies applying CIS benchmarks, DSTI STIGs, and federal security baselines
Configure container orchestration including task/service definitions (ECS) or deployments/operators (OpenShift)
Manage container lifecycle including image versioning, updates, patching, and rollback procedures
Implement horizontal auto-scaling policies based on CPU, memory, custom metrics, and workload patterns
Establish container networking including service discovery, ingress/egress controls, and inter-container communication
Perform container image scanning using tools such as Prisma Cloud, Aqua Security, Twistlock, or AWS ECR scanning
Remediate container vulnerabilities identified through scanning and security assessments
Implement runtime security controls including container isolation, resource limits, and security contexts
Configure secrets management for containerized applications using AWS Secrets Manager or HashiCorp Vault
Apply least-privilege principles to container IAM roles and service accounts
Implement container image signing and verification workflows
Document container security controls and provide evidence for RMF/ATO security assessment
Develop and maintain infrastructure-as-code using Terraform or AWS CloudFormation for container platform
Build automated deployment pipelines for container infrastructure and application updates
Create repeatable, version-controlled infrastructure patterns for scaling to 130+ system instances
Implement GitOps workflows for infrastructure change management and audit trails
Develop automation scripts for container platform management and troubleshooting
Establish configuration baselines and drift detection mechanisms
Design and implement multi-AZ container deployments ensuring high availability during infrastructure failures
Configure health checks, readiness probes, and liveness probes for container self-healing
Implement disaster recovery procedures including backup strategies for persistent container data
Establish resource reservation and quality-of-service policies to prevent resource contention
Design capacity planning and scaling strategies to handle variable workloads serving millions of clients
Implement zero-downtime deployment strategies including blue-green and rolling updates
Create comprehensive operational runbooks for container platform management, troubleshooting, and incident response
Document deployment procedures, configuration baselines, and security hardening steps
Develop standard operating procedures (SOPs) for routine maintenance and emergency procedures
Maintain container platform architecture diagrams and configuration documentation for RMF compliance
Create knowledge transfer materials for scaling operations team
Requirements
Bachelor's degree in Computer Science, Information Systems, Information Technology, or related technical field
Relevant professional certifications and demonstrated experience may supplement education
5-7 years in systems engineering, DevOps, or infrastructure roles
3+ years hands-on experience with container platforms (ECS, OpenShift, or Kubernetes) in production environments
2+ years working with AWS infrastructure and services
Experience with container hardening, security scanning, and vulnerability remediation
Strong analytical and troubleshooting skills with systematic problem-solving approach
Attention to detail and commitment to security-first operations
Ability to work independently and manage multiple concurrent infrastructure workstreams
Effective written and verbal communication for documentation and cross-team collaboration
Adaptable to fast-paced, deadline-driven environment with changing requirements
Proactive mindset for identifying and resolving potential issues before they impact operations
Preferred Requirements
AWS Certified Solutions Architect - Associate or Professional
Certified Kubernetes Administrator (CKA) or Red Hat Certified Specialist in OpenShift
Docker Certified Associate
Experience with service mesh technologies (Istio, AWS App Mesh)
Knowledge of container vulnerability management platforms (Prisma, Aqua, Twistlock)
Federal government contracting or DoD infrastructure experience
Experience with immutable infrastructure and GitOps methodologies
Travel Requirements
This is a remote position; however, occasional travel may be required based on project needs, client meetings, team collaboration events, or training sessions. Travel is expected to be less than 10% and will be communicated in advance whenever possible.
EEO Statement
Aretum is committed to fostering a workplace rooted in excellence, integrity, and equal opportunity for all. We adhere to merit-based hiring practices, ensuring that all employment decisions are made based on qualifications, skills, and ability to perform the job, without preference or consideration of factors unrelated to job performance.
As an Equal Opportunity Employer, Aretum complies with all applicable federal, state, and local employment laws.
We are proud to support our nation’s veterans and military families, providing career opportunities that honor their service and experience.
If you require reasonable accommodation during the hiring process due to a disability, please contact [email protected] for assistance.
Equal Opportunity Employer/Veterans/Disabled
U.S. Work Authorization
Due to federal contract requirements, only U.S. citizens are eligible for this position. This position supports a federal government contract and requires the ability to obtain and maintain a Public Trust or Suitability Determination, depending on the agency’s background investigation requirements.
Benefits
Health Care Plan (Medical, Dental & Vision)
Retirement Plan (401k)
Life Insurance (Basic, Voluntary & AD&D)
Paid Time Off
Family Leave (Maternity, Paternity)
Short Term & Long-Term Disability
Training & Development
Aretum is a mission-driven organization committed to delivering innovative, technology-enabled solutions to our customers across defense, civilian, and homeland security sectors. Our teams work at the intersection of strategy, technology, and transformation, helping agencies solve their most critical challenges. We believe in investing in our people and creating a culture where collaboration, inclusion, and professional growth are at the forefront.
Job Summary
Lead the deployment, hardening, and operational management of containerized applications on AWS ECS or OpenShift platform for a Federal cloud environment. Responsible for evaluating and hardening vendor-supplied containers, implementing container orchestration infrastructure-as-code, and establishing secure, compliant container operations that support millions of client transactions while meeting RMF/ATO requirements.
Due to the nature of our work as a federal consulting organization, employees may be expected to handle Controlled Unclassified Information (CUI) and must adhere to applicable safeguarding and compliance requirements.
Responsibilities
Deploy, configure, and manage AWS ECS or OpenShift container orchestration platform in production Federal environment
Evaluate vendor-supplied container images for security vulnerabilities, compliance gaps, and operational requirements
Implement container hardening strategies applying CIS benchmarks, DSTI STIGs, and federal security baselines
Configure container orchestration including task/service definitions (ECS) or deployments/operators (OpenShift)
Manage container lifecycle including image versioning, updates, patching, and rollback procedures
Implement horizontal auto-scaling policies based on CPU, memory, custom metrics, and workload patterns
Establish container networking including service discovery, ingress/egress controls, and inter-container communication
Perform container image scanning using tools such as Prisma Cloud, Aqua Security, Twistlock, or AWS ECR scanning
Remediate container vulnerabilities identified through scanning and security assessments
Implement runtime security controls including container isolation, resource limits, and security contexts
Configure secrets management for containerized applications using AWS Secrets Manager or HashiCorp Vault
Apply least-privilege principles to container IAM roles and service accounts
Implement container image signing and verification workflows
Document container security controls and provide evidence for RMF/ATO security assessment
Develop and maintain infrastructure-as-code using Terraform or AWS CloudFormation for container platform
Build automated deployment pipelines for container infrastructure and application updates
Create repeatable, version-controlled infrastructure patterns for scaling to 130+ system instances
Implement GitOps workflows for infrastructure change management and audit trails
Develop automation scripts for container platform management and troubleshooting
Establish configuration baselines and drift detection mechanisms
Design and implement multi-AZ container deployments ensuring high availability during infrastructure failures
Configure health checks, readiness probes, and liveness probes for container self-healing
Implement disaster recovery procedures including backup strategies for persistent container data
Establish resource reservation and quality-of-service policies to prevent resource contention
Design capacity planning and scaling strategies to handle variable workloads serving millions of clients
Implement zero-downtime deployment strategies including blue-green and rolling updates
Create comprehensive operational runbooks for container platform management, troubleshooting, and incident response
Document deployment procedures, configuration baselines, and security hardening steps
Develop standard operating procedures (SOPs) for routine maintenance and emergency procedures
Maintain container platform architecture diagrams and configuration documentation for RMF compliance
Create knowledge transfer materials for scaling operations team
Requirements
Bachelor's degree in Computer Science, Information Systems, Information Technology, or related technical field
Relevant professional certifications and demonstrated experience may supplement education
5-7 years in systems engineering, DevOps, or infrastructure roles
3+ years hands-on experience with container platforms (ECS, OpenShift, or Kubernetes) in production environments
2+ years working with AWS infrastructure and services
Experience with container hardening, security scanning, and vulnerability remediation
Strong analytical and troubleshooting skills with systematic problem-solving approach
Attention to detail and commitment to security-first operations
Ability to work independently and manage multiple concurrent infrastructure workstreams
Effective written and verbal communication for documentation and cross-team collaboration
Adaptable to fast-paced, deadline-driven environment with changing requirements
Proactive mindset for identifying and resolving potential issues before they impact operations
Preferred Requirements
AWS Certified Solutions Architect - Associate or Professional
Certified Kubernetes Administrator (CKA) or Red Hat Certified Specialist in OpenShift
Docker Certified Associate
Experience with service mesh technologies (Istio, AWS App Mesh)
Knowledge of container vulnerability management platforms (Prisma, Aqua, Twistlock)
Federal government contracting or DoD infrastructure experience
Experience with immutable infrastructure and GitOps methodologies
Travel Requirements
This is a remote position; however, occasional travel may be required based on project needs, client meetings, team collaboration events, or training sessions. Travel is expected to be less than 10% and will be communicated in advance whenever possible.
EEO Statement
Aretum is committed to fostering a workplace rooted in excellence, integrity, and equal opportunity for all. We adhere to merit-based hiring practices, ensuring that all employment decisions are made based on qualifications, skills, and ability to perform the job, without preference or consideration of factors unrelated to job performance.
As an Equal Opportunity Employer, Aretum complies with all applicable federal, state, and local employment laws.
We are proud to support our nation’s veterans and military families, providing career opportunities that honor their service and experience.
If you require reasonable accommodation during the hiring process due to a disability, please contact [email protected] for assistance.
Equal Opportunity Employer/Veterans/Disabled
U.S. Work Authorization
Due to federal contract requirements, only U.S. citizens are eligible for this position. This position supports a federal government contract and requires the ability to obtain and maintain a Public Trust or Suitability Determination, depending on the agency’s background investigation requirements.
Benefits
Health Care Plan (Medical, Dental & Vision)
Retirement Plan (401k)
Life Insurance (Basic, Voluntary & AD&D)
Paid Time Off
Family Leave (Maternity, Paternity)
Short Term & Long-Term Disability
Training & Development