CI/CD Platform & Deployment Engineer Intern

Description

Position Overview

We are looking for technically sharp and systems-minded CI/CD Platform & Deployment Engineer Interns to join our Federal Practice team and help build the automated delivery pipelines, cloud infrastructure, and platform tooling that power mission-critical government software. You will work alongside experienced DevSecOps engineers, cloud architects, and federal agency partners to design, implement, and harden the deployment infrastructure that gets secure, compliant software into production — fast and reliably.

In the federal environment, the path from code to production is uniquely complex — shaped by security authorization requirements, air-gapped networks, compliance mandates, and multi-cloud constraints. You won't just be running playbooks; you'll be solving real infrastructure challenges that have direct impact on how quickly agencies can modernize and deliver value to the public 

Key Responsibilities

• Design, build, and maintain CI/CD pipelines that automate the build, test, security scanning, and deployment of applications to federal cloud environments (AWS GovCloud, Azure Government, Google Cloud)
• Implement infrastructure as code (IaC) using tools such as Terraform, Pulumi, or AWS CloudFormation to provision, manage, and version cloud resources in a repeatable and auditable manner
• Integrate automated security and compliance checks into pipeline stages, including SAST/DAST scanning, container image vulnerability assessment, secrets detection, and policy-as-code enforcement aligned to NIST 800-53 and FedRAMP controls
• Support containerization and orchestration of application workloads using Docker and Kubernetes (EKS, AKS, or GKE), including Helm chart development, namespace configuration, and cluster lifecycle management
• Develop and maintain deployment automation for blue/green, canary, and rolling release strategies that minimize downtime and risk for production federal systems
• Monitor, observe, and improve platform reliability using tools such as Prometheus, Grafana, Datadog, or CloudWatch, and contribute to SLI/SLO definitions and incident response runbooks
• Support the Authority to Operate (ATO) process by generating pipeline-driven compliance artifacts, maintaining system security documentation, and enforcing configuration baselines
• Collaborate with development teams to optimize build performance, improve developer experience, and troubleshoot pipeline failures across multiple application teams
• Participate in agile ceremonies, code reviews, and technical design sessions, and contribute to platform engineering documentation and internal knowledge bases

Requirements

  Minimum Requirements: 

• Currently enrolled in an accredited Bachelor's, Master's, or equivalent program in Computer Science, Software Engineering, Information Technology, Systems Engineering, or a related field
• Minimum GPA of 3.2/4.0 (or equivalent)
• Foundational experience with CI/CD concepts and tools such as GitHub Actions, GitLab CI, Jenkins, CircleCI, or Tekton
• Comfort working in a Linux/Unix command-line environment, including shell scripting (Bash or equivalent)
• Familiarity with containerization fundamentals — building, tagging, and running Docker images
• Basic knowledge of at least one cloud platform (AWS, Azure, or Google Cloud) and core services (compute, storage, networking, IAM)
• Understanding of version control workflows (Git branching strategies, pull requests, code review practices)
• Strong analytical and troubleshooting skills with a systems-thinking mindset
• Clear written and verbal communication skills; able to document technical processes for both engineering peers and non-technical stakeholders

 Preferred Qualifications 

• Hands-on experience with infrastructure as code tools (Terraform, Pulumi, AWS CDK, or CloudFormation)
• Working knowledge of Kubernetes — deploying applications, writing manifests, working with Helm charts, and debugging pod-level issues
• Familiarity with DevSecOps practices and pipeline-integrated security tooling (Snyk, Trivy, SonarQube, Checkov, OWASP ZAP, or equivalents)
• Exposure to policy-as-code frameworks such as Open Policy Agent (OPA), Kyverno, or AWS Config Rules
• Experience with secrets management solutions (HashiCorp Vault, AWS Secrets Manager, or Azure Key Vault)
• Knowledge of federal compliance frameworks including FedRAMP, FISMA, NIST SP 800-53, and DISA STIGs
• Familiarity with GitOps workflows and tools such as ArgoCD or Flux
• Experience with observability and monitoring stacks (Prometheus, Grafana, ELK/OpenSearch, Datadog, or Splunk)
• Exposure to service mesh architectures (Istio, Linkerd) or zero-trust networking concepts
• Relevant certifications or coursework: AWS Cloud Practitioner, Certified Kubernetes Administrator (CKA), HashiCorp Terraform Associate, or CompTIA Security+

What You'll Gain

• Mission-critical infrastructure ownership: The pipelines and platforms you help build will directly determine how quickly and safely federal agencies can ship software that serves millions of Americans
• Federal DevSecOps depth: Hands-on exposure to the uniquely rigorous world of government software delivery — including ATO processes, FedRAMP boundary management, STIG hardening, and compliance-as-code — capabilities that are in high demand and short supply across the industry
• End-to-end platform engineering experience: You'll work across the full delivery infrastructure stack — from pipeline configuration and IaC modules to Kubernetes cluster operations and observability tooling — building a comprehensive, portfolio-ready skill set
• Mentorship: Paired with a senior platform or DevSecOps engineer who will provide hands-on technical guidance, career coaching, and regular 1:1 support throughout the internship
• Professional development: Access to internal learning  resources, cloud and platform certification support (AWS, Azure, GCP, CKA, Terraform Associate), and a speaker series featuring engineers and federal technology leaders
• Pathway to full-time: High-performing interns are considered for full-time platform engineer, DevSecOps engineer, and site reliability engineer (SRE) roles upon graduation