Secure Infrastructure Engineer

Dark Wolf is seeking a Secure Infrastructure Engineer to join our team. This engineer will be responsible for designing, hardening, and automating the deployment of secure baseline images for a major medical technology client. The ideal candidate will have deep expertise in Windows operating systems and database hardening, specifically aligning with STIGs. You will work within a surgical engineering team to define and build "Gold Images" that balance strict federal compliance with operational functionality. This position will call for support at a main DW office location at a hybrid capacity. Tasks may include assisting with:

• Designing and creating hardened "Gold Images" for core technologies including Windows Server 2025, Windows 11, and MS SQL.
• Automating the application of DISA STIGs and CIS Benchmarks using PowerShell, Ansible, or similar scripting tools.
• Integrating secure baselines into a centralized artifact repository for consumption by product teams.
• Developing and maintaining documentation for security policies, configuration changes, and exception handling.
• Collaborating with offensive security teams to validate image resilience against vulnerabilities.
• Analyzing vulnerability scan results (from tools like Nessus or proprietary pipelines) and remediating configuration drift.
• Deploying and maintaining a centralized artifact repository on cloud-native architecture (AWS/Azure).
• Building and maintaining CI/CD pipelines to automate the ingestion, scanning, and publishing of secure container images.
• Integrating low-CVE base images (e.g., via Chainguard) into the development supply chain.
• Implementing and managing automated compliance scanning tools (SAST/DAST/Fuzzing) within the build pipeline.

Required Qualifications:

• Bachelor’s degree in IT Security, Information Systems, or equivalent
• Minimum of 4+ years of experience in Systems Engineering, Infrastructure Operations, or working with commercial cloud providers (AWS, Azure, or GCP)
• Deep expertise in Windows Server and Desktop administration and configuration
• Proven experience applying and managing DoD DISA STIGs or CIS Benchmarks in an enterprise environment
• Extensive experience with Containerization (Docker, Kubernetes) and Container Security
• Strong proficiency in scripting and automation (PowerShell, Python, Ansible, or Terraform) to enforce security configurations