Sr. TAK Server Engineer / Administrator

Overview

Remote
Depends on Experience
Full Time
No Travel Required
Able to Provide Sponsorship

Skills

Team Awareness Kit (TAK)

Job Details

We re hiring a hands-on engineer to deploy, secure, and operate TAK Server 5.2 in production. You ll own installs/upgrades, PKI/mTLS, federation between servers, device provisioning (profiles), and day-to-day reliability on Linux or containerized environments.

Responsibilities

  • Install & Upgrade: Deploy TAK Server 5.2 on RHEL/Rocky/Ubuntu or Docker; manage services, ports, and JVM/heap tuning.

  • Security & PKI: Stand up server certificates, issue/rotate client X.509 certs, manage keystores/truststores, enforce TLS/mTLS, and document cert lifecycles.

  • Access Control: Configure certificate-based auth and OAuth/OIDC for WebTAK; implement role/group permissions and least-privilege data access.

  • Federation: Configure and monitor multi-server federation, group mappings/allow-lists, mission package policies, and replay/resync strategies.

  • Device Provisioning: Use Device Profile Manager to enroll endpoints, push configs/mission data, and target updates to groups.

  • Data Routing & Filtering: Apply CoT/TAK Protocol filtering (e.g., chat/SA, geofencing/VBM) and manage inbound feeds and outputs.

  • Observability & SRE Basics: Collect metrics/logs, build alerts and dashboards, troubleshoot connectivity/auth/performance issues, and maintain runbooks.

  • Automation & Hygiene: Script repeatable ops (Bash/Python/Ansible), harden hosts (firewalls, reverse proxy), and keep environments patched.

Minimum Qualifications

  • 5+ years Linux administration (systemd, networking, firewalls, DNS, proxies).

  • Recent hands-on with TAK Server (5.x) or FreeTAKServer in a production or field environment.

  • Strong PKI fundamentals (CA hierarchy, mutual TLS, OCSP/CRLs, cert rotation).

  • Familiarity with Cursor-on-Target (CoT) and practical routing/filtering patterns.

  • Experience operating web/reverse proxy paths (Nginx/Apache) and WebSockets-based clients (e.g., WebTAK).

  • Scripting with Bash and at least one of Python/Ansible; Git workflows.

Preferred Qualifications

  • Docker/Kubernetes, Terraform/Ansible (IaC) for repeatable environments.

  • ELK/Graylog for logs; PrometheGrafana for metrics and alerting.

  • Cloud exposure (AWS/Azure/Google Cloud Platform): networking, security groups, HA patterns.

  • Security hardening (CIS/STIG-style), vulnerability management, and patch baselines.

  • Relevant certs (Security+, Linux+, RHCSA, AWS/Azure Associate) are a plus.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.