Fullstack Engineer (Python and Typescript) with DevOps knowledge

Description

We are looking for an Applications Engineer to build and operate the platform that enables employees across the company both technical and non-technical to create, deploy, and maintain internal applications using AI-assisted development tools such as Claude Code.

This role is the operational backbone of our AI-Assisted Application Development & Deployment Program. You will own the infrastructure, tooling, templates, and support workflows that make it possible for application creators to go from idea to production safely and reliably. The role sits at the intersection of software engineering, DevOps, and IT support you’ll write libraries and templates one day, configure CI/CD pipelines the next, and walk a non-technical colleague through a deployment the day after that.

You will work directly with application owners to onboard their projects, set up compliant repositories, configure hosting and monitoring, and ensure that deployed applications meet the security and operational standards defined in our AI-Assisted Application Development & Deployment Policy.

Requirements

Required Qualifications

• 4+ years of experience in a role combining software engineering, DevOps, or platform/infrastructure engineering.
• Strong proficiency in Python and TypeScript.
• Hands-on experience with AWS services, specifically: ECS Fargate, S3, CloudFront, RDS (MySQL), IAM, and Secrets Manager.
• Experience building and maintaining CI/CD pipelines with GitHub Actions.
• Working knowledge of Docker for local development and containerized deployments.
• Experience with Infrastructure as Code (AWS CDK, CloudFormation, or Terraform).
• Familiarity with Okta or similar identity providers for SSO/OIDC integration.
• Experience with MySQL database administration, including backup strategies, performance monitoring, and access control.
• Solid understanding of web application security fundamentals — dependency management, secret scanning, input validation, authentication patterns.
• Strong written and verbal English communication skills, with the ability to explain technical concepts to non-technical colleagues.

Preferred Qualifications

• Experience building internal developer platforms or self-service infrastructure for non-engineering teams.
• Familiarity with AI-assisted development tools (Claude Code, GitHub Copilot, or similar).
• Experience creating and maintaining shared libraries or SDKs consumed by other teams.
• Background in IT support or technical enablement roles where you worked directly with non-technical users.
• Experience with static site hosting patterns (S3 + CloudFront, Netlify, or similar).
• Familiarity with structured logging and observability platforms (CloudWatch, Datadog, ELK, or similar).
• Experience conducting security reviews or audits of web applications.

Job responsibilities

Platform Engineering & Templates

• Create and maintain GitHub repository templates for static HTML and interactive applications, pre-configured with CI/CD pipelines, compliance libraries, and project scaffolding.
• Develop and maintain Claude Code skills for each supported application type (static HTML, Python backend, TypeScript backend) that scaffold compliant projects and wire in required libraries.
• Build and maintain shared libraries in Python and TypeScript for structured logging, error reporting, and alerting that satisfy the program’s centralized observability requirements.
• Maintain and publish an internal style guide (HTML/CSS/JS) and associated assets to ensure a consistent look and feel across internal tools

Infrastructure & Deployment

• Set up and manage S3 + CloudFront hosting for static applications, secured behind Okta authentication (SSO/OIDC).
  Deploy and manage interactive applications on ECS Fargate, with supporting infrastructure including S3/CloudFront for static assets and RDS MySQL for data persistence.
• Build and maintain GitHub Actions CI/CD pipelines for automated deployment to AWS, including dependency vulnerability scanning and credential scanning as required by policy.
• Create and maintain local development and testing environments using Docker for interactive applications, with clear documentation that enables non-technical application owners to run and test locally.
• Manage Infrastructure as Code for all platform resources using AWS CDK or equivalent tooling.

Database Administration

• Administer RDS MySQL instances supporting interactive applications, including provisioning, access control, backup configuration, and recovery testing.
• Monitor database performance and optimize as needed, including query analysis and instance right-sizing.
• Enforce minimum-privilege database access for each application and ensure encryption at rest is enabled.

Security & Compliance

• Perform security reviews of AI-assisted applications at initial deployment and on a quarterly basis thereafter, as defined by policy.
• Configure and monitor Dependabot (or equivalent) across all application repositories to surface dependency vulnerabilities.
• Set up and maintain application health monitoring and uptime alerting for all hosted applications.
• Enforce secret scanning in CI pipelines and ensure no credentials are committed to source control.
• Identify and suspend applications that are unmaintained or have unresolved critical vulnerabilities beyond the 14-day remediation window.

Support & Enablement

• Serve as the primary technical point of contact for application owners going through the intake, setup, and deployment process.
• Assist application owners many of whom are non-engineers with onboarding, troubleshooting, and understanding compliance requirements.
• Develop and maintain documentation and training materials (including Loom walkthroughs) covering Git basics, template usage, deployment workflows, and policy requirements.
• Manage the application registry and directory, keeping ownership records current and coordinating ownership transfers during employee offboarding.