Senior Cloud Engineer

As a Senior Cloud Engineer you will build the reusable, team-agnostic GitLab CI/CD platform that the rest of the organization adopts. You are the engineering engine that turns Security Benefit's DevSecOps maturity roadmap into working, audit-compliant pipelines - then partner directly with each team's tech leads to onboard their workloads and hand day-to-day release ownership back to those teams. This role is best suited for a builder who takes pride in engineering excellence within a clear strategic direction, going deep on one team at a time and leaving every engagement with a reusable contribution to the shared platform.

This role reports to the Manager, AWS Platform Engineering, and is based out of our Overland Park, Kansas office with a hybrid work schedule offering flexibility between on-site and remote work.

• Design, build, and maintain enterprise-standard GitLab CI/CD templates, shared libraries, and include components that teams adopt with minimal friction - ensuring every engagement leaves a reusable artifact back in the shared platform
• Own GitLab runner fleet management and performance, including Windows runners required for private-network access to SQL Server environments across DEV, QA, and PROD
• Implement Terraform-based Infrastructure as Code for AWS workloads (ECS Fargate, EC2, Lambda, RDS/Aurora) across environment-segregated accounts
• Build database and data-engineering CI/CD: migration-based deployment for SQL Server and Snowflake, SSIS/.ispac packaging, and ETL/DML/DDL pipelines
• Build SAST, DAST, SCA, and secret-detection as reusable shared CI components, and embed segregation of duties, dual approval, JSM/CAB integration, and automated audit-evidence generation into the pipeline standard
• Partner with each team's tech lead to onboard their workload onto the standard pipeline, define a clear handoff-readiness bar, and ensure tech leads can independently own releases end to end
• Produce documentation, runbooks, and quick-reference guides as first-class deliverables alongside the code; provide ongoing consulting and escalation support to teams operating autonomously
• Manage versioned, immutable artifacts via GitLab Package Registry with semantic versioning, SHA256 verification, and audit-compliant retention; implement environment promotion (DEV * QA * PROD) and rollback procedures
• Enforce secrets-management best practices across all pipelines using GitLab CI variables and AWS Secrets Manager
• Provide technical mentorship and guidance to junior engineers on the team, building internal capability alongside the platform itself

Do you have experience in YAML?, * 5-8+ years hands-on in DevOps, DevSecOps, platform, or release engineering, including a track record of building reusable CI/CD adopted by more than one team

• Deep GitLab CI/CD expertise: pipeline templates and components, Compliance Module, runner fleet management, group and repository administration, access controls, branch protection, and merge request policies
• Strong Terraform/IaC skills and solid AWS experience across ECS, EC2, Lambda, RDS/Aurora, S3, IAM, and Secrets Manager
• Scripting proficiency across stacks: PowerShell (critical for Windows runners and SQL Server automation), Python, Bash, and YAML
• Experience implementing security scanning (SAST, DAST, SCA, secret detection) inside CI/CD pipelines
• Demonstrated ability to design automation that satisfies audit and compliance requirements - approval gates, evidence generation, and change traceability - ideally in a regulated industry
• Working knowledge of containerization (Docker)
• Builds for reuse, not for the moment: leaves every team more capable and self-sufficient, thrives going deep single-threaded, and treats documentation as part of the job
• Database and data-engineering CI/CD: migration-based deployment (Flyway-style/schemachange), SSIS, dbt; pragmatic problem-solving when vendor tooling is unreliable (preferred)
• Exposure to the modern data stack: Snowflake, Fivetran (Terraform provider), and Coalesce (preferred)
• GitLab, AWS, and/or Terraform certifications (preferred)

Pulled from the full job description

• Tuition reimbursement

• Paid parental leave

• Parental leave

• Health insurance

• 401(k) matching

• Paid time off

• Vision insurance, Why Choose Security Benefit? When you join our team, you're not just getting a paycheck - you're getting a career path full of growth opportunities, plus a robust benefits package that puts your well-being first. Here's what you can expect as a full-time Security Benefit associate:

• Competitive salary and annual incentive bonuses to reward your contributions.

• 33 days of paid time off (including PTO, holidays, Volunteer Day, and days of significance).

• Paid parental leave after 90 days of service.

• Comprehensive medical, dental & vision insurance.

• 401(k) with company match, plus Profit Sharing & Savings Plan.

• Short- and Long-Term Disability Insurance to give you peace of mind.

• Flexible Spending Accounts for medical and dependent care.

• Life Insurance to protect your loved ones.

• Educational assistance to support your career development.

• Associate assistance programs for your personal and professional well-being.

Security Benefit is a leader in the U.S. retirement market with more than $60 billion in assets under management. We offer opportunities to thrive, innovate, and make an impact. As part of our team, you'll play a key role in driving the future of the U.S. retirement industry. Security Benefit is a PLACE where we promise to help our customers To and Through Retirement®. We're proud to have been recognized as one of the best in the business: * Named to Ward's 50 list of top-performing life-health insurance companies * Recognized on list of Ingram's Top 100 Private Companies in the Kansas City area in 2024