Infrastructure Architect

Our client, an industry leader in automotive data, is seeking an Infrastructure Architect in Reston, Virginia, or Southfield, Michigan. This is a 4-day a week in office hybrid position. No visa transfer is available for this position. No agencies, please.

Infrastructure Architect – Hybrid Cloud \& Kubernetes Platform

About the Role:

You will serve as the technical authority responsible for architecting, building, and operating a next-generation hybrid cloud platform that spans on-premises data centers and hyperscale cloud providers. This role blends deep systems engineering expertise with modern cloud-native design, emphasizing Kubernetes, immutable infrastructure, and Infrastructure as Code. You will ensure the platform is highly available, secure by design, and capable of supporting mission-critical workloads at a global scale.

If you thrive at the intersection of hardware and software, enjoy designing systems that never go down, and excel at solving complex distributed-systems challenges, this is the role for you.

Key Responsibilities:

Architecture \& Design:

• Hybrid Cloud Strategy — Architect and implement a unified hybrid cloud platform integrating on-prem infrastructure with AWS, Azure, or GCP.
• High Availability — Design systems targeting 99\.99% uptime, including multi-region failover, global load balancing, and disaster recovery architectures.
• Kubernetes Platform Engineering — Lead the design, deployment, and lifecycle management of enterprise-grade Kubernetes clusters across on-prem and cloud environments.

Automation \& Engineering:

• Infrastructure as Code — Define all infrastructure using code. Build and maintain large-scale Terraform and Chef/Ansible repositories for provisioning, configuration, and drift detection.
• Immutable OS Architecture — Implement container-optimized, immutable Linux distributions (Talos, Flatcar, Bottlerocket). Replace SSH-based workflows with API-driven configuration to improve consistency and reduce operational overhead.
• Database Reliability Engineering — Architect HA and distributed database solutions (MySQL, MongoDB, etc.), including clustering, sharding, replication, and backup/restore strategies.

Security \& Operations:

• Immutable Security Model — Replace in-place patching with automated node rotation and image-based updates to ensure production always runs on verified, up-to-date OS images.
• Supply Chain Security — Integrate image scanning, signing (Cosign, Notary), and SBOM analysis into CI/CD pipelines to detect vulnerabilities before deployment.
• Runtime Security — Deploy eBPF-based runtime defense tools (Falco, Tetragon) to detect anomalous behavior in shell-less, minimal OS environments.
• Policy as Code — Enforce cluster governance using OPA Gatekeeper or Kyverno to prevent misconfigurations and maintain strict pod security standards.
• Observability \& Tracing — Implement full-stack observability using Prometheus, Grafana, Jaeger, and distributed tracing to provide deep visibility into ephemeral workloads and infrastructure layers.

Qualifications:

Required:

• 7\+ years in Systems Engineering, DevOps, or Platform Engineering, with 3\+ years in an Architecture role.
• Deep expertise in at least one major cloud provider (AWS, Azure, or GCP) and experience integrating cloud with on-prem data centers.
• Proven experience running Kubernetes in production; CKA certification is a plus.
• Advanced proficiency with Terraform and configuration management tools (Chef, Ansible).
• Strong understanding of immutable infrastructure and minimal Linux distributions designed for Kubernetes.
• Experience architecting HA solutions for SQL and NoSQL databases.

Preferred:

• Experience with service mesh technologies (Istio, Linkerd).
• Background in regulated industries (Finance, Healthcare) with exposure to SOC2, HIPAA, or PCI-DSS.
• Programming experience in Python or Go for automation and tooling.