Firmenlogo

Core Infrastructure Engineer en Umbra

Umbra · Arlington, Estados Unidos De América · On-site

AWS

Cloud

Solicitar ahora

Description

Umbra is an American space technology company delivering advanced systems—from sensors to spacecraft—that empower customers worldwide with unmatched access to critical information from space. Our mission is simple and ambitious: redefine space—for people, systems, and missions in every domain.

The Information Technology organization underpins that mission by delivering secure, reliable, and scalable technology platforms that enable Umbra employees, engineers, and mission teams to execute with speed, confidence, and compliance. IT operates as a shared service and strategic capability—favoring platforms, automation, and guardrails over bespoke solutions.

About the Role
Umbra IT is evolving into a capability-platform operating model aligned to CorpTECH, BusTECH, and EngTECH domains. Within this model, CorpTECH owns the foundational platform and identity guardrails that underpin the enterprise.

The Core Infrastructure Engineer is a senior technical contributor responsible for designing, implementing, and evolving Umbra’s enterprise network, observability posture, and foundational infrastructure architecture across East Coast sites and mission-adjacent environments.

This role is architect-level in networking depth and platform visibility.

You will:

  • Design multi-site, segmented, defense-in-depth network architectures
  • Build standardized site templates (Reston, Arlington, future offices)
  • Engineer network isolation models for CUI and potentially classified workloads
  • Mature real-time observability across Core Infrastructure platforms
  • Ensure Umbra’s corporate and engineering environments scale without fragile, bespoke configurations


Key Responsibilities

Enterprise Network Architecture & Segmentation

  • Architect multi-site corporate network topology (Arlington, Reston, future locations).
  • Design segmentation strategies for:
    • Corporate workloads.
    • Engineering compute environments.
    • CUI and regulated use cases.
  • Implement defense-in-depth controls across routing, firewall, VLAN, ACL, and zero-trust models.
  • Develop standardized site build templates for repeatable deployment.



Network Redundancy & Deterministic Failover Engineering

  • Design and validate dual-ISP architectures across all sites.
  • Engineer predictable failover behavior (BGP/static + health checks + SD-WAN policies).
  • Test and measure reconvergence times during controlled failover simulations.
  • Eliminate single points of failure across edge, firewall, routing, and switching layers.
  • Standardize high-availability (HA) posture for network and security appliances.


Observability & Infrastructure Telemetry Maturity

  • Mature Umbra’s infrastructure observability strategy across:
    • Network devices (firewalls, switches, SD-WAN, edge), identity systems, Cloud landing zones, Core services (DNS, DHCP, PKI, secrets, backup/DR).
  • Integrate all Core Infrastructure platforms into the enterprise observability system.
  • Define and implement meaningful health signals, including:
    • Failover events, Route instability, Resource saturation, Certificate expiration, Backup success/failure, Identity service degradation.
  • Establish clear alert thresholds that promote proactive intervention rather than reactive firefighting.
  • Ensure observability data is structured for:
    • Real-time visibility, Incident response, Trend analysis, Capacity planning, Audit evidence.


CUI & Regulated Environment Readiness

      • Design segmented environments aligned to CUI handling requirements.
      • Engineer controlled interconnect boundaries between corporate and restricted zones.
      • Ensure enclave segmentation persists during ISP failover events.
      • Document network and logging posture to support InfoSec/GRC audit requirements.
      • Partner with IS&PP for classified and physical security boundary enforcement.



SD-WAN, Edge & Zero-Trust Engineering

        • Own SD-WAN architecture and routing policies.
        • Optimize firewall and edge routing behavior.
        • Implement and refine ZTNA/VPN models.
        • Standardize QoS for Engineering/HPC-related traffic patterns.



Cloud & Hybrid Network Integration

          • Design secure connectivity between on-prem environments and cloud landing zones.
          • Align network guardrails with AWS organization architecture.
          • Engineer resilient hybrid connectivity for HPC and advanced compute workloads.
          • Ensure network posture supports future HPC platform transitions.


High-Performance Compute & Advanced Workloads

            • Design network architectures that support:
              • High-throughput compute.
              • Engineering toolchains (ECAD/MCAD/simulation).
              • Burst compute workloads.
            • Collaborate with forward-deployed engineers to understand traffic behavior and optimize accordingly.
          • Ensure HPC adjacency does not destabilize corporate network baselines.


Infrastructure as Code & Standardization

              • Treat network and infrastructure configurations as version-controlled assets.
              • Build reusable templates and deployment standards.
              • Reduce snowflake environments.
              • Publish architecture documentation and interface contracts.

Requirements

Required Qualifications

  • 8+ years enterprise infrastructure experience.
  • 5+ years advanced networking architecture (multi-site, segmentation, routing design).
  • Deep experience with:
    • Cisco routing/switching (architect-level).
    • Firewall policy design (Fortinet and/or Cisco).
    • SD-WAN architectures.
    • VLAN, ACL, BGP/OSPF fundamentals.
  • Experience designing segmented environments for regulated workloads (CUI preferred).
  • Strong understanding of Zero-Trust Network Access models.
  • Experience integrating on-prem networks with AWS & Azure environments.
  • Experience implementing infrastructure observability frameworks and defining actionable health signals.
  • Proven ability to move from reactive administration to architectural standardization.

Desired Qualifications

  • CCNP or CCIE-level capability (certification optional, skillset required).
  • Experience supporting classified or mission-sensitive environments.
  • Exposure to HPC networking or high-throughput compute clusters.
  • Infrastructure-as-Code experience (Terraform, automation frameworks).
  • Familiarity with CheckMK or similar infrastructure observability platforms.
  • Experience operating in audit-driven environments (NIST, CMMC, SOC2).
  • Identity & Access Management Engineering (Okta preferably).

Benefits

  • Flexible Time Off, Sick, Family & Medical Leave
  • Medical, Dental, Vision, Life, LTD, STD (employer funded)
  • Vol Life, Critical Illness, Accidental, Hospital Indemnity, Pet Insurance (employee funded)
  • 401k with 3% non-elective company contribution
  • Stock Options
  • Free Parking
  • Free lunch in office daily

Umbra is an Equal Opportunity Employer. We do not discriminate in hiring on the basis of sex, gender identity, sexual orientation, race, color, religious creed, national origin, physical or mental disability, protected veteran status, or any other characteristic protected by federal, state, or local law.

Employment Eligibility Verification

In compliance with federal laws, all hired persons will be required to verify their identity and eligibility to work in the United States by completing the required Employment Eligibility Verification Form (I-9 Form) upon hire.

ITAR/EAR Requirements

This position may include access to technology and/or data that is subject to U.S. export controls pursuant to ITAR and EAR. To comply with federal export controls, all persons hired must be a U.S. citizen, U.S. national, U.S. lawful permanent resident, refugee or asylee as defined by 8 U.S.C. § 1324b(a)(3), or must otherwise be eligible to obtain the required authorizations from the U.S. Department of State and/or U.S. Department of Commerce as applicable. 

Pay Transparency
This job posting may cover multiple career levels. To ensure greater transparency, we provide base salary ranges for all roles, regardless of location. Our standard pay ranges are based on the role’s function and level, benchmarked against similar growth-stage companies. Compensation may vary based on geographical location, as certain regions may have different cost-of-living factors. The final offer will also be influenced by the candidate's skills, responsibilities, and relevant experience.

Compensation Range

The Compensation Range for this role is $150,000 - $180,000 DOE.

Solicitar ahora

Otros empleos

Firmenlogo

Military Veteran Mechanic - Larry Stovesand Kia

Kia Veterans Technician Apprenticeship Program (VTAP) · Carbondale, Estados Unidos de América

Firmenlogo

Front Desk, Housekeeping & Maintenance for 2026 Season

Horizon Outdoor Hospitality · Twin Mountain, Estados Unidos de América

Firmenlogo

Core Infrastructure Engineer

Umbra · Reston, Estados Unidos de América