Staff Devops Engineer, Software, Product Operations

Lila Sciences Lila Sciences · AI Frontier · Alewife, Cambridge, MA · Software

The Staff/Principal DevOps Engineer will drive the design, implementation, and optimization of infrastructure and delivery platforms, bridging platform engineering, SRE, and DevOps. This role focuses on building scalable, automated systems for fast, reliable software delivery in cloud and Kubernetes environments, collaborating with various engineering and scientific teams. Responsibilities include building Kubernetes systems, CI/CD pipelines, IaC with Terraform, AWS cloud infrastructure, platform tooling, reliability engineering, software supply chain practices, and QA/testing infrastructure, with automation in Python or Go.

What you'd actually do

  1. Build Kubernetes-based systems supporting scientific services, ML pipelines, and platform workloads; including production hardening, RBAC, network policies, and Pod Security Standards
  2. CI/CD pipelines with GitHub Actions/GitLab CI implementing best practices: build attestations, SBOM generation, dependency scanning, and container image hardening
  3. Infrastructure-as-code with Terraform and Helm; policy-as-code guardrails (OPA/Kyverno/Checkov) with drift detection
  4. AWS cloud infrastructure: EKS clusters, IAM least privilege, VPC/PrivateLink networking, KMS/Secrets Manager, ECR, S3, and centralized logging/monitoring
  5. Platform tooling to streamline deployment, observability, and developer workflows, enabling self-service with secure defaults

Skills

Required

  • DevOps
  • SRE
  • Systems Engineering
  • Platform Engineering
  • cloud environments (AWS, GCP, etc)
  • infrastructure-as-code (Terraform, Helm)
  • containerization
  • CI/CD systems (GitHub Actions, GitLab CI, or Jenkins)
  • GitOps practices
  • Python/scripting languages
  • Kubernetes operations

Nice to have

  • observability platforms
  • chaos engineering
  • incident management
  • Securing ML/AI pipelines
  • regulated/audit-heavy environments (SOC 2, ISO 27001)
  • Supply chain security maturity
  • Administering static analysis platforms
  • scaling browser-based test suites
  • startup/high-growth experience

What the JD emphasized

  • production hardening
  • RBAC
  • network policies
  • Pod Security Standards
  • build attestations
  • SBOM generation
  • dependency scanning
  • container image hardening
  • policy-as-code guardrails
  • drift detection
  • IAM least privilege
  • VPC/PrivateLink networking
  • KMS/Secrets Manager
  • centralized logging/monitoring
  • self-service with secure defaults
  • SLOs/SLIs
  • incident response
  • capacity planning
  • performance optimization
  • artifact signing
  • registry governance
  • vulnerability management
  • static analysis
  • code quality gate enforcement
  • automated end-to-end and browser-based regression test suites
  • ephemeral test environments
  • pre-merge quality checks
  • Python or Go