About the Organization
Now is a great time to join Redhorse Corporation. We are a solution-driven company delivering data insights and technology solutions to customers with missions critical to U.S. national interests. We’re looking for thoughtful, skilled professionals who thrive as trusted partners building technology-agnostic solutions and want to apply their talents supporting customers with difficult and important mission sets.
About the Role
Redhorse transforms the way the government uses data and technology. We are seeking an "Everything Engineer" with a focus on Infrastructure and DevOps to build the "runway" for a mission-critical modernization project. You will help replace a massive, decades-old legacy system that manages billions of dollars in international security cooperation with a modern web platform.
The project
We’re working to modernize a mission-critical legacy system that manages foreign military sales cases for the U.S. government. It’s the system of record behind billions of dollars in international security cooperation. The legacy platform is a decades-old fat-client application with hundreds of screens, millions of lines of Java code, hundreds of thousands of lines of stored-procedure logic, hundreds of reports, and a ton of batch processing. It works. But we can do better for an important national security mission.
Our job is pretty straight forward. Out with the old, in with the new. We’re going to replace the legacy system with a modern web platform that does all the things; from a functional perspective, a technical perspective, and a compliance perspective. And we’re going to make it happen through quick iterations, built on an Agentic AI Software Development Lifecycle.
From an infrastructure perspective, the interesting part is the operating model. The platform must satisfy DoD impact-level 4 security requirements, federal risk-management and financial-audit frameworks, and Zero Trust architecture, and support an engineering team that merges continuously and expects CI feedback in minutes.
How we build (read this before applying)
AI-led development isn’t a novelty act, its just how software is built. Full stop. Every engineer on this team works through agentic toolkits, Codex/Claude Code/etc. Every day. On production code and production infrastructure. Our engineering harness (versioned rules, skills, and specs that guide both humans and agents) is a first-class product with its own backlog. We measure ourselves on shipped, verified capability, not lines typed.
What that means in practice:
You’ll decompose problems into specs precise enough that an agent can implement them directly and concretely, and you’ll own everything you merge, because agent output is your output.
Compliance is a build artifact here. Controls map to pipeline gates and infrastructure-as-code rules, and audit evidence is generated continuously by the pipeline, never assembled by hand the week before an assessment. You’ll build that machinery.
You’ll ship constantly. Small reviewable changes, an always-green main branch, an always-on beta environment in GovCloud that government stakeholders can touch any day of the week.
You get to play with all the latest cool tech as part of your job.
If you think of AI-led development as vibe-coding, or some fad you tolerate between “real” work, this isn’t your team. If you’ve hand rolled enough code and infrastructure to appreciate how Agentic AI outsources all the tedious bits and lets you build anything, let’s talk.
What “Everything Engineer” means
Everybody builds across the whole stack (UI, API, database, infrastructure, pipeline) because our unit of work is a complete vertical slice of business capability, not a layer. You’ll have genuine breadth: you can read the application code your platform runs, fix the flaky test blocking the queue, and hold your own in schema conversations. And you’ll have real depth in your focus area, where you set the technical bar for the team.
Your focus: Infrastructure, DevOps, DevSecOps
You’ll own the runway everything else takes off from.
AWS GovCloud environments, entirely in CDK (TypeScript). Accounts, networking, compute, data stores, secrets, observability, with compliance rules (cdk-nag NIST packs) enforced from the first stack, not retrofitted.
CI/CD that runs a lot and stays fast. GitHub Actions with affected-only builds, remote caching, merge queues, test sharding, and a hard latency budget on PR gates. When CI slows down, it’s a problem for everybody.
The dual-scan delivery pipeline. Full scanning on our side (SAST, dependencies, containers, IaC, secrets, SBOMs), signed artifacts and provenance, then mirroring to a government-side repository where everything is scanned again, and should always come back clean, because we caught it first.
Zero Trust for real. CAC/ICAM-integrated identity, mTLS, policy-as-code authorization, no implicit network trust, continuous posture monitoring mapped to controls.
Evidence automation. The pipeline emits the artifacts that become the security-authorization package.
Developer-experience engineering. You’re responsible for the feedback loops that tell an engineer (or their agent) precisely what failed and why within minutes.
Who thrives here
Deep, wide technical background. You’ve written real application code, not just YAML, and you understand the full ecosystem: web systems, databases, security, networking. You’re the person who can debug anything, anywhere in the stack, and enjoys it.
Agent-native. Real, hands-on mileage with Codex and/or Claude Code (or equivalent) on codebases that matter. You have opinions about specs, context, and harness design based on your experiences.
A tinkerer. Intellectually curious, pulls threads, profiles the slow job instead of just re-running it. You build quality solutions because you actually understand the problem.
Generous. You share information by default: runbooks, demos, pairing, better harness rules for everyone. You put the success of the team ahead of your individual success.
Good to break bread with. We’re a small team on a challenging mission.
The stack
A TypeScript end to end. Node with a REST API. PostgreSQL with Prisma. React front end. Temporal workflows. AWS GovCloud, defined in AWS CDK (TypeScript). GitHub and GitHub Actions CI. Vitest and Playwright. Codex and/or Claude Code (or equivalent) with a versioned team harness. Slack and Jira. Everything gets wrapped in containers and pushed to EKS or ECS. On the legacy side you’ll deal with: Oracle 19c, PL/SQL, converted-Forté Java, Cognos, Control-M.
Requirements
US citizenship and eligibility for a US SECRET clearance
3+ years of work experience with upward trajectory
Strong track record building and operating production cloud infrastructure and CI/CD for real products at DoD IL4,with enough software engineering depth to plug in anywhere in the stack
Hands-on experience with agentic AI development tools (Codex and/or Claude Code, or equivalent) on real codebases
Infrastructure-as-code fluency (CDK strongly preferred, Terraform/Pulumi welcome)
Desired Experience
Security and compliance automation experience (control frameworks mapped to pipeline gates, evidence generation); GovCloud or other restricted-environment operations.
Nice to have: STIG and hardening experience; developer-experience or build-performance engineering.