Location: Oak Ridge, TN
Job Title: Ansible Automation Engineer
Career Level From: Associate
Career Level To: Senior Associate
Job Specialty: System Administration
What You'll Do
CNS is seeking a highly skilled Ansible Automation Engineer to support mission-critical IT modernization and infrastructure reliability initiatives. The candidate will be responsible for designing, implementing, and maintaining automated solutions across secure on-premises and cloud environments. This role supports federal operations that require strong attention to security, compliance, and repeatable infrastructure-as-code methodologies.This role is central to modernizing the agency’s infrastructure and strengthening its cybersecurity posture through repeatable, secure, and auditable automation. The Ansible Automation Engineer will contribute directly to mission success by increasing system reliability, reducing manual workload, and promoting DevSecOps practices within a federal environment.
Key Responsbilities:
- Develop, refine, and maintain Ansible playbooks, roles, and collections to automate system provisioning, configuration, patching, and application deployments across controlled environments.
- Implement automation workflows that align with federal IT policies, including FISMA, NIST 800-53, DISA STIG, and agency-specific security guidelines.
- Administer and support Ansible Automation Platform (AAP), including RBAC, credentials management, inventory design, and secure deployment pipelines.
- Collaborate with federal system owners, network teams, cybersecurity, and cloud operations to identify opportunities for automation that improve efficiency and reduce risk.
- Integrate Ansible into CI/CD pipelines using government-approved tooling such as: GitFlow, Azure DevOps, Podman, OpenShift (Kubernetes)
- Troubleshoot, optimize, and document automation processes to ensure consistent performance and compliance.
- Develop and maintain detailed standard operating procedures (SOPs), system documentation, and diagrams for audits and security reviews.
- Support CyberSecurity processes by providing artifacts, remediation inputs, and automation-based compliance enhancements.
- Participate in on-call or after-hours maintenance windows as required to support operational needs.
Required Experience Working with the Following:
- 3–5+ years of experience in automation engineering, DevOps, system administration, or related IT roles—preferably within federal or DoD environments.
- Advanced expertise with Ansible, including playbook design, Jinja2 templating, variables, dynamic inventories, and collections.
- Experience automating systems administration with multiple distributions including RHEL 7 - 10, Ubuntu, Windows, IOS, vSphere.
- Experience interacting with Vendor products using API to automate provisioning, configuration management, and security auditing
- Experience working within federal cybersecurity compliance frameworks, including STIGs, SCAP, RMF, and configuration baselines.
- Proficiency with Git and version control processes appropriate for controlled repositories.
- Hands-on experience with CI/CD pipelines and secure DevSecOps practices.
- Experience with AWS GovCloud, Azure Government, VMware or on-premises virtualized environments.
- Scripting proficiency in Bash, Python, or PowerShell.
- Ability to obtain and maintain a DOE Q clearance.
What You Can Expect
- Meaningful work and unique opportunities to support missions vital to national and global security
- Top-notch, dedicated colleagues
- Generous pay and benefits with a stable organization
- Career advancement and professional development programs
- Work-life balance fostered through flexible work options and wellness initiatives
Minimum Job Requirements
- Bachelor of Science in Computer Science or closely-related field: No experience.
- Eight or more years of relevant education, traninig and/or progressive experience may be considered to satisfy the eduational and years of experience required for this posting.
- Required experience working with one or more of the technologies listed that the team supports. Supporting more than one of the technologies is preferred.
- Requires a Q clearance; however, all qualified candidates will be considered regardless of their current clearance status. (The ability to obtain and maintain a Department of Energy "Q" clearance is required.)
Preferred Job Requirements
- Prior experience supporting federal agencies or defense organizations.
- Experience with Red Hat Ansible Automation Platform at enterprise scale.
- Familiarity with additional IaC tools (Terraform, Packer) used in government environments.
- Understanding of Zero Trust architectures, secrets management (HashiCorp Vault or CyberArk), and privileged access controls.
- Familiarity with Red Hat Satellite
- Familiarity with Windows Servers as part of an Active Domain
- Understanding of interactions via API, emphasis on enterprise platform integrations and bare metal provisioning
- Experience integrating automation with monitoring/logging platforms such as Splunk, ELK, Grafana, or agency-specific tools.
- Relevant certifications:
- Red Hat Certified Engineer (RHCE)
- Red Hat Ansible Automation Specialist
- Security+, CASP+, or equivalent compliance-related certifications
Soft Skills:
- Strong interpersonal and written communication skills suitable for federal reporting and documentation.
- Ability to operate within structured governance frameworks and change-control processes.
- Collaborative mindset with the ability to coordinate across multiple government and contractor teams.
- Detail-oriented approach with a commitment to accuracy, repeatability, and operational security.
