Senior Platform Engineer
Indexed description
Ready to grow with a team that’s built for your success? Apply today.
Our Commitment:
The Boyd Group welcomes unique talents from all backgrounds and characteristics. We act with integrity and appreciate the diverse perspectives that make our "Greater Team" exceptional. Qualified individuals, including those with disabilities and Protected Veterans, are encouraged to apply.
Job Description:
The Platform Engineer serves as a senior technical resource responsible for strengthening cloud security foundations across AWS and Azure through preventive controls, secure network architecture, and CI/CD enforcement. This role is highly hands-on and designs and implements security platforms in collaboration with Infrastructure Architecture, translating agreed designs and roadmaps into deployable technical standards, automation (Terraform, Python/PowerShell), and operationalized platform capabilities. Limited on-call expectations focused on escalation for platform-level issues.
Key Job Responsibilities
Cloud Foundations
- Build and evolve cloud foundations in AWS Control Tower, including baseline standards for account structure, preventive cloud controls, and secure-by-default patterns.
- Reduce privilege escalation paths by defining and enforcing least-privilege patterns, privileged role boundaries, and secure administrative workflows for cloud operations and automation.
- Improve service/API security through standard patterns for workload/service identities, credential handling, and secure service-to-service access (in partnership with application and platform teams).
- Reduce lateral movement risk by implementing cloud network security architecture patterns (segmentation, controlled east-west paths, and a centralized egress/inspection approach where appropriate).
- Collaborate with the Infrastructure Architect on target designs and multi-quarter roadmaps; implement approved designs through standards, automation, and platform changes.
- Design and implement security-as-code and policy-as-code enforcement in GitLab CI/CD for infrastructure and access changes, with a focus on preventing high-risk IAM and network patterns from being deployed.
- Standardize secure delivery patterns through reusable pipeline templates/components and Terraform module conventions (PR-based change control, reviewable outputs).
- Secure CI/CD automation identities and secrets usage patterns in pipelines (permissions, separation of duties, and safe credential handling).
- Drive adoption across engineering teams by providing clear patterns, documentation, and reference implementations.
- Design, implement, and own CyberArk across PAM, EPM, and Secrets Hub: onboarding patterns, access models, rotation workflows, elevation policies, privileged workflows, and platform automation.
- Maintain and improve the current MFA/SSO platform as required, and support rationalization/consolidation toward the target platform strategy over time.
- Provide standardized privileged access and secrets usage patterns that directly support cloud and CI/CD security objectives (automation identities, break-glass approach, service credential patterns).
- Establish continuous controls monitoring outcomes for cloud and platform controls (control validation, exception identification, and standardized reporting outputs).
- Provide and maintain security configurations and audit-ready outputs for control reviews (cloud controls, CI/CD enforcement controls, privileged access controls), coordinating with control owners as needed.
- Translate security requirements into deployable technical standards implemented through established change processes.
- Maintain documentation for platform designs, standards, CI/CD enforcement, privileged access workflows, and operational procedures.
- Identify control gaps and operational inefficiencies and propose/implement targeted improvements.
- Incorporate lessons learned from incidents, changes, and platform issues into standards, automation, and runbooks.
- Participate in ongoing professional development to stay current with cloud security engineering practices and platform security tooling.
- 5+ years of experience in platform engineering, cloud/infrastructure engineering with security ownership, and/or platform engineering in an enterprise environment.
- Demonstrated experience designing and implementing security platforms, including partnering with architecture stakeholders to define target-state designs and roadmaps and executing them through technical delivery.
- Strong AWS security engineering experience, including an AWS Organizations / Control Tower operating model; Azure experience is a plus.
- Proven ability to implement preventive controls addressing privilege escalation, service/API security, and network lateral movement in cloud environments.
- Strong CI/CD engineering experience with GitLab, including implementing security and policy enforcement into pipelines and PR workflows.
- Proficiency with Terraform and strong automation skills using Python and/or PowerShell (API-driven integrations, repeatable tooling).
- Hands-on experience with privileged access and secrets platforms: CyberArk preferred (PAM/EPM/Secrets Hub). Equivalent experience with Delinea/BeyondTrust acceptable.
- Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or related field (or equivalent experience).
- Annual Paid Time Off (PTO) plans
- 2 weeks of Paid Parental Leave for Full time Employees who work a minimum of 30 hours per week
- 6 paid holidays annually
- Medical, Prescription Drug, Dental & Vision Insurance effective Day 1
- 401(k) Retirement Plan with company match
- Employer Paid Short-Term Disability & Life Insurance
- Additional Voluntary Life Insurance
- Continuing Education Opportunities
- Free Prescription or Non-Prescription Safety Glasses annually
- Annual Voluntary Uniform Stipend
- Voluntary Daily Pay option available
AI Disclosure Statement:
At The Boyd Group and all affiliated companies, we do not use artificial intelligence (AI) or automated tools to screen, assess, or select applicants for employment. All hiring decisions are made by real people who review each application individually.
Compensation Details:
$130,000 - $150,000 / Year
Supplemental Pay:
Compensation is commensurate with skill, education and experience.
This position may also be eligible for Bonus opportunities tied to individual or business initiatives.
Benefits That Drive Your Success
Gerber offers the comprehensive benefits you expect from an industry leader, including:
- Flexible PTO Plan
- 2 weeks of paid parental leave for Full Time employees who work a minimum of 30 hour per week
- 6 paid holidays annually
- Medical, Prescription Drug, Dental & Vision Insurance
- 401(k) Retirement Plan with company match
- Employer Paid Short-Term Disability & Life Insurance
- Additional Voluntary Life Insurance
- Continuing Education Opportunities
- Free prescription or non prescription safety glasses each year
- Annual Voluntary Uniform Stipend
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search