Skip to content
DatabricksDatabricksVirginia

Sr Staff Production Engineer- Public Sector

Senior Production Engineer owns secure cloud infrastructure, IAM, and automation across AWS, Azure, GCP for public sector and regulated environments. Requires 12+ years experience, cloud expertise, and TS/SCI clearance eligibility.

195k – 269k/yr
On-site12+ YOEDevOps / SRE

About the role

The Impact You'll Have

Security-Focused Cloud Operations

  • Design, automate, and operate the IAM, account/subscription, and project lifecycle across AWS, Azure, and GCP, enforcing least-privilege and standardized access patterns at scale.
  • Review, implement, and continuously improve cloud identity and access policies (IAM, Okta, Opal) to align with Databricks security standards and audit requirements.

Production Engineering & Automation

  • Build and maintain reliable, observable automation and tooling to apply cloud changes (roles, policies, accounts, networking) safely and repeatedly.
  • Treat operational and security issues as software problems: eliminate toil, drive root-cause analysis, and codify fixes into infrastructure and tooling.

Security Data Pipelines & Compliance

  • Own and improve security and audit logging data pipelines from cloud providers into our internal systems, ensuring timely, accurate data for detection, investigations, and audits.
  • Partner with Security, Compliance, and Audit teams to provide evidence, clarifications, and policy updates that keep our environments aligned with evolving standards.

Regulated & Specialized Environments

  • Operate and improve specialized, highly regulated environments (e.g., FedRAMP / GovCloud) including release management, patching cadences, and supporting secure access workflows (e.g., SAW).
  • Ensure high availability and resiliency for critical security and access infrastructure across these environments.

On-Call & Incident Response

  • Participate in a 24x7 on-call rotation for high-severity incidents impacting cloud accounts, IAM, or security data pipelines.
  • Act as a key partner to product engineering, security engineering, and field teams during incidents to restore service and harden systems for the future.

What We Look For

Required: Candidates must be eligible for a Top Secret / Sensitive Compartmented Information (TS/SCI) security clearance.

Nice to have: Possession of a current polygraph (Counterintelligence or Full Scope) is highly desired and considered a significant plus.

Education: BS, MS, or PhD in Computer Science, Engineering, or a related technical field, or equivalent practical experience.

Experience: 12+ years of experience, including leading the strategy for cloud IAM, account architecture, or security-critical infrastructure across multiple environments or business units.

Cloud & Infrastructure Expertise

  • Deep hands-on experience with at least one major cloud provider (AWS, Azure, or GCP) in areas such as IAM, networking, accounts/subscriptions/projects, and audit logging.
  • Strong background in Infrastructure-as-Code and automation (e.g., Terraform, CloudFormation, or similar) and CI/CD for infrastructure changes.

Security & Compliance Mindset

  • Proven experience working in or with security-sensitive or regulated environments (e.g., SOC2, FedRAMP, ISO 27001, financial services, public sector) and translating requirements into concrete technical controls.
  • Familiarity with access review processes, policy baselines, and audit evidence for cloud environments.

Operational Excellence

  • Demonstrated success running high-availability, security-critical services, including on-call responsibilities and incident management.
  • Strong debugging and problem-solving skills across distributed systems, with the ability to navigate ambiguous issues spanning multiple teams and platforms.

Bonus

  • Experience with Okta, Opal, or similar identity/access tooling.
  • Background operating secure admin workstations (SAW) or comparable hardened access patterns.
  • Experience migrating cloud accounts or subscriptions during M&A or large-scale reorganizations.

Pay Range: $195,400—$268,600 USD

Skills

AWSAzureGCPIAMTerraformCloudFormationOktaOpalInfrastructure As CodeCI/CD

Similar roles

DevOps / SRE jobs
Crusoe

Staff Network Engineer, Operations

CrusoeSan Francisco, CA

Staff-level network operations engineer responsible for production reliability, incident response, and operational excellence across Crusoe's global edge, backbone, data center, and GPU cluster networks supporting AI workloads.

195k – 235k/yr
On-site8+ YOEDevOps / SRE
Imply

Staff Software Engineer (Remote)

ImplyBurlingame, CA

Builds and operates scalable distributed systems, web services, and multi-cloud infrastructure (AWS, Azure, GCP, Kubernetes) for petabyte-scale data products in a remote-first environment. Requires 10+ years experience with Java and infrastructure-as-code.

195k – 230k/yr
Remote10+ YOEDevOps / SRE
Komodo Health

Staff Platform Engineer (Pacific Time Zone)

Komodo HealthUnited States

Lead technical direction for Komodo's core control plane (KMC/PSS, identity, subscriptions) and App Builder/Connector. Architect platform primitives, APIs, and AI tooling in a multi-tenant SaaS environment.

196k – 275k/yr
Remote7+ YOEDevOps / SRE
Fivetran

Staff Site Reliability Engineer

FivetranOakland, CA

Staff Site Reliability Engineer owns production infrastructure reliability, monitors availability and capacity, automates deployments, and drives incident response. Requires deep expertise in managed Kubernetes, multi-cloud platforms, IaC tools, and scripting.

196k – 245k/yr
HybridDevOps / SRE
Illumio

Staff Engineer

IllumioSunnyvale, CA

Staff Engineer building scalable, resilient cloud architecture and distributed systems on AWS/Azure/GCP with Kubernetes for Illumio's Zero Trust cybersecurity platform. Requires strong cloud programming experience, distributed systems expertise, and 7+ years overall experience.

194k – 233k/yr
On-site7+ YOEDevOps / SRE