Infrastructure Engineer
Australian citizenship required. No PR or Work Visa holders. Must be able to obtain Negative Vetting Level 1 security clearance.
What to Submit
1. A tailored resume in docx format
2. A one page (5000 character) summary response to the selection criteria below.
RFQ Details
* RFQ ID: LH-05488
* Agency: Australian Federal Police
* Closing Date: Friday, 06 February 2026 – 11:59pm (Canberra time)
* Estimated Start Date: Friday, 27 March 2026
* Initial Contract Duration: 12 months
* Extension Term: 12 months
* Number of Extensions: 1
* Experience Level: APS6 equivalent
* Security Clearance: Must be able to obtain Negative Vetting Level 1
* Location of Work: ACT
* Working Arrangements:
Onsite – minimum 4 days per week onsite for team meetings and stakeholder engagement
* Maximum Hours: 40 hours per week
Job Details
Infrastructure Engineers implement, manage and retire the infrastructure (including physical, virtual, networking and cloud infrastructure) that supports digital services.
The Australian Federal Police has a requirement for an experienced Infrastructure Engineer / System Administrator to assist with the deployment, configuration and ongoing support of solutions within a discrete operational network used for the collection and ingest of operational data into AFPNet networks and systems.
Key Duties and Responsibilities
Services will be delivered in collaboration with and under supervision of nominated AFP personnel and include, but are not limited to:
* Provide Infrastructure Engineer / Systems Administrator services to plan, deploy, configure and support solutions in a discrete operational network and ensure reliable ingest into AFPNet systems.
* Provide technical direction and advice to vendors delivering professional services on behalf of AFP, ensuring alignment with security and operational constraints.
* Design and configure infrastructure across the full stack (physical, virtual, network, storage) to support business applications and data flows.
* Establish and maintain Infrastructure-as-Code using Ansible and Git/GitLab, including CI/CD where appropriate to support safe, auditable change.
* Provide technical leadership where relevant and mentor team members in automation-first practices and secure operations.
* Work effectively in a small, multidisciplinary team operating within a high-assurance environment.
* Provide knowledge and skills transfer to permanent staff through clear documentation, diagrams, procedures and Ansible/GitLab artefacts.
* Record and maintain information in accordance with AFP requirements and applicable security classifications.
The specified personnel should have excellent skills and significant experience across several of the following domains:
* Linux (Ubuntu) administration including hardening, patching, optimisation and troubleshooting; familiarity with AppArmor, systemd, packaging and network services.
* Configuration and administration of Microsoft Windows Server (including AD/ADFS and certificate services).
* Automation and Infrastructure-as-Code using Ansible, Git/GitLab workflows, CI/CD runners and scripting (Bash, PowerShell).
* Virtualisation using VMware vSphere and ESXi including lifecycle management, performance optimisation, VM templates and resource controls.
* Database platforms including SQL Server (optimisation, upgrades, consolidation, backup/restore, HA/DR).
* Storage and backup technologies including enterprise arrays, NFS/iSCSI and Dell technologies (e.g. Networker, Isilon/PowerScale), VEEAM or similar.
* Networking and security including Cisco firewalls and switches, segmentation, routing, VPNs, ACLs, Linux firewalling and vulnerability remediation.
* Containers (desirable) including Docker/Podman and basic orchestration (Kubernetes/Nomad).
Mandatory
* Proven experience in the design, configuration and support of Linux-first (Ubuntu) ICT infrastructure.
* Experience configuring and maintaining Windows systems and services.
Highly Desirable
* Expert-level Linux (Ubuntu/RHEL) management including Landscape and development of standard operating environments.
* Experience with containers and orchestration technologies.
* Security tooling and controls including WSUS/SCCM, Nessus/Nmap, AppArmor, Cisco firewall policy hygiene and SIEM/logging integration.
* Experience designing monitoring and alerting solutions suitable for discrete or segmented environments.
* Experience with data ingest pipelines and throughput tuning using tools such as Apache NiFi.
* Experience complying with Federal Government security assessments, configuration and change management documentation standards.
* Strong scripting skills (Bash and PowerShell).
Selection Criteria
The buyer has specified that each candidate must provide a one page pitch to address all criteria specified. This is equal to 5000 characters.
Essential criteria
1. Achieve Results
Demonstrated ability to achieve team objectives and deliver intended outcomes, builds capability and responsiveness within the team, adapts to, supports and manages change.
2. Ability to deliver
The extent to which the potential supplier demonstrates its capability and capacity to provide the requirements.
3. Relevant Experience
Demonstrated relevant experience (and past performance) in delivering the same or similar services.
Desirable criteria
1. Whole of life costs
The whole of life costs for the AFP. Evaluation includes the quoted price and any costs the AFP will incur after accepting the potential suppliers response.