Kubernetes / Cloud Architect

Kubernetes / Cloud Architect at

SEA CORP

Kubernetes / Cloud Architect at

SEA CORP

in Manassas, Virginia Posted in 5 days ago.

Job Description:

SEA CORP

Location:

Manassas, VA Req ID:

req1805 SEACORP is seeking a well-qualified Kubernetes / Cloud Architect .

Primary Duties and Responsibilities:

Job Summary :

SEACORP is seeking a Kubernetes / Cloud Architect to leadthe design, standardization, and evolution of an enterprise cloud Platform as aService (PaaS) built on Kubernetes and related cloud-native infrastructuretechnologies. This position is in support of our SWFTS Common InfrastructureServices (CIS) program. This role isresponsible for defining the architecture, patterns, and operational standardsfor a resilient, secure, scalable, and highly automated platform that enablesapplication teams to deploy and operate workloads consistently across enterpriseenvironments. The architect will own the target-state platform designspanning container runtime, orchestration, networking, storage, observability,service mesh, high availability, security, and platform automation. The idealcandidate brings deep expertise in Kubernetes and enterprise platformengineering, along with the ability to guide implementation teams and aligntechnical direction with business and operational goals.

Job Responsibilities Include:

Lead the architecture and technical strategy for an enterprise Kubernetes-based PaaS supporting multi-team and multi-environment deployments. Define and document reference architectures for platform components including RKE2, CRI-O, Istio, Prometheus, Grafana, Fluentd, Canal, Multus, Flannel, Calico, KubeVIP, DRBD, Ceph, Helm, Ansible, Kustomize, and Kubernetes manifests. Design highly available, resilient, and secure Kubernetes clusters for production enterprise workloads. Establish standards for cluster provisioning, node lifecycle management, upgrades, patching, backup, and disaster recovery. Architect platform networking patterns including ingress/egress, IP management, multi-homing, overlay networking, policy enforcement, and network segmentation. Design persistent storage patterns for stateful workloads using technologies such as Ceph, DRBD, and Kubernetes storage abstractions. Define service mesh architecture and workload communication standards using Istio, including traffic management, mTLS, observability, and policy enforcement. Establish observability standards using Prometheus, Grafana, and Fluentd for metrics, dashboards, logging, alerting, and operational insights. Design secure platform patterns for identity, secrets management, policy controls, workload isolation, admission controls, and supply chain security. Define GitOps and configuration management approaches using Helm, Kustomize, Ansible, and declarative manifests. Develop multi-cluster and multi-environment strategies for development, test, staging, and production environments. Execute tenancy, namespace design, RBAC, quotas, and self-service capabilities. Produce architecture diagrams, standards, runbooks, and decision records. Review platform and application designs for compliance with architecture principles, operational standards, and security requirements. Mentor platform engineers and help mature platform engineering practices, reliability engineering, and automation discipline.

Qualifications:

Education:

Bachelor's degree in Computer Science, Engineering, Information Systems, or a related technical field

Required Experience:

Required knowledge of RKE2, Kubernetes, Git, and Linux. Preferred knowledge in Go, YAML, JSON, CEL. Candidates should have the ability to work in a fast-paced work environment. Able to collaborate with others while being able to handle independent tasking. Ability to learn new technologies quickly. 7+ years of experience in infrastructure architecture, cloud architecture, platform engineering, or systems engineering. 3+ years of experience designing and operating enterprise Kubernetes platforms in production. Deep hands-on experience with Kubernetes architecture, including control plane components, worker node design, scheduling, networking, storage, and security. Experience with enterprise Kubernetes distributions such as RKE2 or similar production-grade platforms. Experience with container runtimes such as CRI-O and strong understanding of container lifecycle and node-level operations. Strong experience with Kubernetes networking technologies including Canal, Flannel, Calico, Multus, load balancing, & virtual IP approaches such as KubeVIP. Strong experience architecting persistent storage for Kubernetes, including Ceph. Experience implementing observability stacks using Prometheus, Grafana, and Fluentd or comparable tools. Experience designing and implementing service mesh capabilities using Istio or similar technologies. Strong experience with infrastructure and platform automation using Helm, Ansible, Kustomize, and Kubernetes manifests. Strong understanding of high availability, disaster recovery, backup, scaling, and reliability engineering principles. Experience with enterprise security practices including RBAC, network policies, secrets handling, mTLS, image security, and policy enforcement. Ability to define execute production architectures, technical standards, and documented operating models. Proven experience working across infrastructure, security, networking, and application teams in complex enterprise environments.

Desired Experience:

Desired knowledge in the areas of Kubernetes, security (Vault, OPA, Falco, mTLS), Resource management (HPA, VPA, Cluster Autoscaler, KEDA), CI/CD pipeline tools (GitOps, Pipelines, Release Management). Master's degree in Computer Science, Distributed Systems, Cloud Computing, or a related discipline. Experience with Team Submarine, SWFTS, US Navy program offices, TI/APB cycle Experience with private cloud platform design. Experience with GitOps platforms (i.e. Argo CD or Flux). Experience with governance frameworks such as OPA or Kyverno. Familiarity with ingress controllers, API gateways, and DNS automation. Experience with secrets platforms such as HashiCorp Vault, external secrets operators, or cloud-native key management systems. Experience with platform multi-tenancy models and internal developer platforms. Familiarity with CI/CD pipelines for containerized application delivery. Experience with OS hardening, immutable infrastructure, and secure node baseline design. Experience supporting regulated or security-sensitive environments.

Exceptional Qualifications:

Candidates possessing knowledge in these technologies will be considered exceptional candidates: Recognized expertise in building and scaling enterprise Kubernetes-based PaaS environments for mission-critical workloads. Experience delivering software and systems for Team Submarine or SWFTS programs, including experience with the Submarine platform tactical systems. Deep, production-level experience across the full platform stack: RKE2, CRI-O, Istio, Prometheus, Grafana, Fluentd, Ceph, DRBD, Calico, Multus, KubeVIP, Helm, Ansible, and Kustomize. Demonstrated success architecting highly available and secure private cloud or hybrid cloud platforms at enterprise scale. Experience designing architectures for highly regulated, air-gapped, or disconnected environments. Proven ability to make sound architectural tradeoffs across networking, storage, reliability, operability, and developer experience. Experience leading large-scale modernization initiatives from VM-centric infrastructure to cloud-native platforms. Ability to align platform architecture decisions with long-term enterprise strategy, operational excellence, and business outcomes. As a requirement of employment, all SEACORP employees must hold U.S.

Citizenship Location:

Manassas, VA Travel:

Quarterly (approximately 4 times a year)

Clearance:

Secret Work Environment & Physical Demands:

Office & Computer Laboratories - Sitting, standing, extended periods of time using a mouse and keyboard and viewing computer screens. Infrequent lifting of