Staff Infrastructure Systems Engineer

United States·Alamedalead

Systems EngineerInfrastructure & Cloud

0 views0 saves0 applied

Apply Now

Quick Summary

Overview

Astra’s mission is to improve life on Earth from space by creating a healthier and more connected planet. Today, Astra offers one of the lowest cost-per-launch dedicated orbital launch services, and one of the industry’s leading flight-proven electric propulsion systems for satellites, the Astra…

Technical Tools

awsazuregcpkubernetespythonci-cdlinuxnetworkingoauth

This role focuses on infrastructure for people and internal systems:

Identity (SSO, RBAC, lifecycle)
Endpoints (Mac, Windows, Linux)
Access (device trust, zero-trust networking)
Internal platform and automation

You will not primarily own CI/CD pipelines or Kubernetes clusters
You will not focus on application deployment infrastructure
This role is about access, identity, endpoints, and secure systems for humans

Own identity as a first-class system (SSO, RBAC, lifecycle, device trust)
Build a fully automated onboarding/offboarding pipeline
Design and operate endpoint infrastructure across Mac, Windows, and Linux
Eliminate manual IT work through automation, scripting, and tooling
You should expect to spend the majority of your time building systems and automation—not responding to tickets
Architect secure network infrastructure across office, lab, and remote environments
Design and implement modern access patterns (e.g., WireGuard-based networking, zero-trust, device-aware access)
Own firewall and perimeter security (Palo Alto, Juniper, or equivalent)
Enable secure, compliant access to cloud environments (AWS GovCloud, GCP Assured Workloads)
Drive compliance (CMMC, ITAR) through systems—not paperwork
Partner directly with engineering to remove friction and increase velocity
You will have high ownership and autonomy to define how these systems are built and operated

8+ yrs of related experience
5+ years Proven experience building and owning infrastructure systems
Deep experience with identity systems (Azure AD / Entra or equivalent; SAML/OAuth/SCIM)
Strong experience managing heterogeneous endpoint fleets (Mac, Windows, Linux; MDM such as Intune/Jamf/Kandji)
Hands-on experience with network security and modern connectivity patterns (VPNs, WireGuard, zero-trust networking)
Strong scripting and automation skills (Python, Bash, or similar)
Experience integrating systems via APIs and event-driven workflows
Experience operating in regulated environments (CMMC, ITAR, FedRAMP-like)

You treat internal infrastructure like a product, not a helpdesk
You automate everything that happens more than once
You reduce complexity instead of adding it
You think in terms of identity-first and network-minimized architectures
You can debug across identity, network, endpoint, and cloud boundaries
You have strong opinions about how systems should be built—and can back them up

Experience in GCC High environments (Microsoft Entra ID)
Familiarity with Amazon Web Services GovCloud or Google Cloud Platform Assured Workloads
Experience with WireGuard-based networking or modern secure access platforms (e.g., Tailscale, Cloudflare Zero Trust)
Experience supporting hardware, lab, or manufacturing environments
Experience designing zero-trust or device-trust architectures

What We Offer

~2 min read

We're competitive in compensation and offer equity as part of the package. We have great benefits that include health, vision, dental, and 401K in comparison to other startups. We provide lunch and there's plenty of snacks and drinks to get you through the day.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

ITAR Requirements: This position requires compliance with U.S. Government space technology trade restrictions, specifically the International Trafficking in Arms Regulations (ITAR), Export Administration Regulations (EAR) and additional regulations governing satellite, launch vehicle, missile, and other related technologies. All jobs restricted by these regulations will be contingent upon the applicant’s status as a documented U.S. Person or their ability to receive a trade license from the cognizant government agency; in addition to any required company background checks and in compliance with applicable U.S. and California laws. Similarly, positions requiring the ability to work on government contracts or a security clearance are also contingent upon the applicants ability to receive the appropriate clearance and be allowed to work on U.S. government contracts.

© Astra Space Operations, LLC. All rights reserved, Astra is proud to be an equal opportunity workplace. We celebrate diversity and are committed to creating an inclusive environment for all employees. We do not discriminate on the basis of race, religion, color, gender identity, sexual orientation, age, disability, veteran status, or other applicable legally protected characteristics. We encourage people of different backgrounds, experiences, abilities, and perspectives to apply.

San Francisco Applicants: Astra will consider applicants with arrest and conviction records (criminal histories) in a manner consistent with the San Francisco Fair Chance Ordinance.