DevOps Engineers work closely with development teams to provide (and support) the environment needed to deliver the organisation's services quickly and efficiently, using automation and self-service.

ASD requires a Cloud DevOps Engineer for the delivery of a scalable and secure cloud development to support ASD's resiliency goals and objectives for PROTECTED capabilities while also considering dependency and dependent systems and services. Additionally, the candidate must work with ASD customers to design cost effective, secure and resilient cloud based up to PROTECTED solutions. Furthermore, they must identify opportunities to consolidate, simplify, streamline, and continually improve cloud based or cloud utilising internal and customer capability.

• Designing AWS infrastructure solutions to meet the organisational technical and business requirements
• Collaborating with cross-function teams to optimize AWS services for cost performance, security and reliability; while adhering to best practice and compliance standards
• Coordinate with senior leadership
• Work with ASD customers to design cost effective, secure and resilient cloud based PROTECTED and OFFICIAL solutions
• Identify opportunities to consolidate, simplify, streamline, and continually improve cloud based, or cloud utilising internal and customer capability.
• Identify, inform and seek to mitigate release engineering risks during work planning.
• Improve the quality of a product or service such as developer productivity, release frequency, operational outcomes.
• Implement and maintain continuous integration/continuous deployment functionality
• Implement and maintain development, build, or deployment tooling and scripts
• Maintain documentation and standard operating procedures
• Automate infrastructure provisioning and configuration for reliable environment management
• Plan, automate, test, and deploy databases using pipelines.
• Identify and implement process improvements for DevOps workflows.

• Bachelor's degree in either I.T, System Engineering, Computer Science, or other related field
• Strong skills in programming and Scripting
• Strong IT infrastructure background with expertise in DevOps methodologies and cloud architecture
• Proficiency in CI/CD pipelines and automation
• Ability to manage client relationships and deliver excellent customer service.

• Australian Citizenship and a NV1 security clearance is essential

• Design and maintain AWS Control Tower and Account Factory for Terraform (AFT) infrastructure
• Manage networks with Palo Alto Cloud NGFW and AWS Network Firewall
• Manage AWS Organizations, SCPs, and OU structures for workload isolation and governance
• Ability to PoC various AWS Services for tenants.
• Good understanding of K8S/ArgoCD/Gitops and develop frameworks to provide it as a service to various tenancies.
• Deploy and maintain shared platform services (SSO, logging, monitoring, automation)
• Good understanding of PSPF, ISM and E8.
• Understanding of CNAPP/SASE tooling and services in cloud
• Integration with Azure Identities, Applications, SIEM and general management

Infrastructure as Code

• Develop and maintain Terraform modules and configurations
• Build reusable IaC modules for Landing Zones, platform services, and workload deployments
• Implement GitOps workflows using CodePipeline, CodeBuild, and CodeCommit to deploy across AWS accounts.
• Implement GItOps workflows using EKS/ArgoCD/AzureAd across AWS accounts.

Security & Compliance

• Implement security controls meeting government compliance requirements
• Manage centralized logging (CloudTrail, VPC Flow Logs, GuardDuty) to Azure Sentinel

DevSecOps & Automation

• Build Python/Boto3 Lambda functions for platform automation and remediation
• Develop pre-commit hooks, JSON Schema validation, and CICD quality gates
• Implement security scanning (Checkov, tflint, git-secrets) in pipelines
• Create EventBridge rules and Step Functions for event-driven automation
• Maintain Systems Manager automation documents and patch management

Network & Firewall Management

• Configure and maintain Palo Alto Cloud NGFW
• Manage AWS Network Firewall
• Implement VPC architecture
• Troubleshoot complex multi-account network connectivity issues

Platform Services

• Manage EC2 Image Builder pipelines for hardened AMIs (RHEL, Amazon Linux, Ubuntu)
• Configure OpenSearch clusters for log analytics and visualization
• Implement cost optimization strategies and FinOps practices

Observability & Incident Response

• Build CloudWatch dashboards, alarms, and metrics for platform monitoring
• Integrate with Azure Monitor and Sentinel for SIEM capabilities
• Respond to CIS benchmark alerts and security findings
• Perform root cause analysis and implement preventive measures

AWS Services (Expert Level)

• Organizations, Control Tower, AFT, IAM, SSO/Identity Center
• VPC, Transit Gateway, Network Firewall, Route53
• Lambda, Step Functions, EventBridge, Systems Manager
• S3, DynamoDB, KMS, Secrets Manager
• CloudTrail, CloudWatch, Security Hub, GuardDuty, Inspector

Infrastructure as Code

• Terraform (1.0+) - modules, state management, workspaces
• Python/Boto3 for automation and Lambda development
• Ansible for configuration management
• Jsonnet/JSON/YAML for configuration and schemas

Security & Compliance

• AWS security best practices and Well-Architected Framework
• Government compliance frameworks
• Network security and firewall rule management

DevOps & CICD

• Git workflows and branching strategies
• Gitlab and AWS CodePipeline, CodeBuild, CodeCommit
• Pre-commit hooks and quality gates
• Docker and container-based builds

Preferred Experience

• 5+ years AWS cloud engineering experience
• 2+ years K8S experiance
• Government or highly regulated industry experience
• Large-scale multi-account AWS environments
• Palo Alto Networks firewall administration
• Azure integration (Sentinel, Monitor, Entra ID)
• Linux system administration and hardening
• Disaster recovery and business continuity planning

• Work on interesting and prestigious projects vital to the ongoing defence of Australia.
• Flexible work environment; work the hours that suit you between 7am and 7pm.
• Low attrition rate: the great variety of projects and opportunities across different business areas ensure few workers leave ASD.
• Long contracts available.
• Fantastic growth opportunities available at any stage of your career.

• Kinexus has been supplying TSPV contractors to government panels since 2004 and have a strong relationship with them. We are one of just 9 suppliers Australia-wide.
• Our experience in managing contractors in defence/national security industries means we understand the requirements from the Commonwealth, insurances and clearances.
• DISP accredited; we can hold clearances and manage renewals.
• Dedicated account manager (me!) who is your dedicated POC and offer continuous contractor care.
• Rate negotiation guidance in line with the SFIA framework.
• Dedicated payroll assistant who facilitates your taxes and super.
• We proactively chase timesheet approvers to ensure you get paid on-time and error free.
• Regular visits to Canberra for coffee, lunches and quarterly drinks events.
• We can facilitate novated car leases, LAFHA or salary sacrifice.
• We'll keep you up to date with the most appropriate, interesting opportunities in your field.
• Community matters. Kinexus supports women in Defence through our female mentoring program and rewards referrers through our Referral Rewards scheme.
• Support for your health and wellness through counselling support (EAP) available for all contractors and their families.