ispace

AWS Devops Engineer

Englewood, Colorado, United States

$101-152k

Full Time

27 minutes ago

Back to jobs

Job description

At ispace U.S., we’re not just going to the Moon—we’re redefining how we get there. Our missions push the boundaries of human and robotic exploration, driven by our belief: “Expand our Planet. Expand our Future.” By providing cost-effective lunar transportation, we are pioneering a future where space is within reach for scientific discovery, commercial ventures, and sustainable exploration.

With locations in Japan, Luxembourg, and the United States, ispace is rapidly growing and leading the way in lunar exploration and development. Our U.S. branch is based in Englewood, Colorado, and focuses on high-capacity payload lunar landers designed to support future lunar missions. Our team is made up of innovators, problem-solvers, and visionaries committed to making space more accessible and fostering the next generation of space exploration.

Let’s go to the Moon together! Our team is growing, and we are actively seeking talented individuals who share our passion for space.

We are seeking a highly skilled AWS DevOps Engineer to support aerospace cloud operations, security, and compliance. This role is critical in ensuring secure, scalable, and compliant AWS infrastructure while enabling software teams to deploy efficiently within regulatory frameworks such as ITAR, NIST 800-171, DFARS, and CMMC.

As the DevOps Engineer, you will own cloud automation, infrastructure as code (IaC), CI/CD pipelines, and security enforcement across AWS.

Key Responsibilities:

AWS Infrastructure & Automation (IaC)
Design, build, and maintain AWS infrastructure (EC2, VPC, RDS, S3, IAM, Route 53, etc.) using Terraform / AWS CloudFormation
Automate cloud provisioning, scaling, and governance using AWS Systems Manager & AWS Organizations
Manage AWS Landing Zones to enforce multi-account security & compliance
CI/CD & Deployment Automation
Build & maintain secure CI/CD pipelines (AWS CodePipeline, GitHub Actions, Jenkins) with policy-based approvals
Automate AWS Lambda, ECS (Fargate), and EKS (Kubernetes) deployments while maintaining strict access control
Implement artifact signing & deployment verification for compliance tracking
Security & Compliance (DevSecOps)
Enforce IAM least privilege access, role-based access control (RBAC), and MFA policies
Implement AWS Config, Security Hub, and GuardDuty to continuously scan for misconfigurations and vulnerabilities
Automate log collection & auditing (AWS CloudTrail, SIEM integrations, AWS Audit Manager)
Ensure data encryption & key management using AWS KMS, Secrets Manager, and Hardware Security Modules (HSMs)
Monitoring, Incident Response & Cost Optimization
Implement real-time monitoring & alerting (AWS CloudWatch, Prometheus, ELK Stack)
Automate incident response using AWS Lambda for auto-remediation
Optimize cloud cost efficiency by managing Auto Scaling, Reserved Instances, and FinOps best practices
Collaboration & Cloud Governance
Work closely with engineering teams to provide DevOps best practices while maintaining compliance
Act as a liaison between IT, security, and software engineers, ensuring regulatory adherence without slowing down development
Create self-service DevOps automation to empower teams while enforcing IT security policies

Required Qualifications & Skills:

3-5+ years of AWS DevOps experience in regulated environments
Strong Infrastructure as Code (IaC) experience (Terraform, AWS CloudFormation)
CI/CD experience (AWS CodePipeline, Jenkins, GitHub Actions, GitLab CI/CD)
Deep AWS security expertise (IAM, VPC, WAF, GuardDuty, Security Hub)
Experience with regulatory compliance (ITAR, DFARS, NIST 800-171, CMMC, ISO 27001)
Linux administration & scripting (Python, Bash, or PowerShell)
Experience with cloud monitoring & incident response (CloudWatch, ELK Stack, Prometheus)
Strong problem-solving skills, ability to work independently, and cross-functional collaboration experience
Preferred (Nice-to-Have) Qualifications
Experience with AWS GovCloud or air-gapped cloud environments
Kubernetes experience (EKS, Helm, ArgoCD)
AWS Certifications (AWS DevOps Engineer and/or Solutions Architect Professional)
Experience with STIG hardening & automated compliance validation

Preferred skills :

Direct aerospace or defense industry experience - Previous work in organizations like Lockheed Martin, Boeing, SpaceX, Northrop Grumman, or similar would be highly valuable due to understanding of the unique industry challenges.
Demonstrated compliance implementation - Specific examples of implementing ITAR, NIST 800-171, or CMMC controls in AWS environments, rather than just general awareness.
AWS GovCloud experience - Specific work history building and managing AWS GovCloud environments, as these operate differently from standard AWS regions.
Multi-account architecture design - Experience designing and implementing secure AWS Organizations structures with separate accounts for production/development/security.

We welcome candidates with diverse experience levels and evaluate the best fit on an

individual basis. Your final job level and salary will be determined based on your skills, experience, and

the impact you can bring to the role.

• Health Coverage: Competitive medical, vision, and dental plans, with 100% company-paid

options available for employees.

• Hybrid Work: Flexibility to work remotely and in-office, depending on your role and the stage of

our program.

• Commuter Perks: Company-paid RTD EcoPass for buses and light rail.

• Lunch Perks: Monthly stipend to enjoy meals from our café.

• Paid Time Off: 18 vacation days, 6 sick days, and 14 paid holidays.

• Retirement: 401(k) plan with company matching.

• Travel: Opportunities for domestic and international travel.

• Stock Options: Participation in our stock option program.

• Learning & Development: Ample opportunities to grow, including lunch-and-learns, skills

training, and stipends for professional development.

• Team Culture: A fun and casual environment with regular team gatherings, including monthly

TGIF events to connect and unwind.

#LI-LH1

At ispace, we believe that diverse perspectives drive innovation. We welcome applicants from all backgrounds and experiences, even if you don’t meet every listed requirement. If you’re passionate about our mission and think you can contribute, we encourage you to apply. Your unique skills and experiences may be exactly what we need to grow and succeed together.

To conform to U.S. Government space technology export regulations, including the International Traffic in Arms Regulations (ITAR) you must be a U.S. citizen, lawful permanent resident of the U.S., protected individual as defined by 8 U.S.C. 1324b(a)(3), or eligible to obtain the required authorizations from the U.S. Department of State. Learn more about the ITAR .here.  

ispace is an Equal Opportunity Employer; employment with ispace is governed on the basis of merit, competence and qualifications and will not be influenced in any manner by race, color, religion, gender, national origin/ethnicity, veteran status, disability status, age, sexual orientation, gender identity, marital status, mental or physical disability or any other legally protected status.

All applicants who are offered employment with ispace US will be subject to a background investigation. Offers of employment are contingent on the successful completion of a background investigation conducted in accordance with Company policies and all applicable laws.

ispace Technologies, US, Inc. is a drug-free workplace.

ispace Technologies, US, Inc. participates in the E-Verify program.