Lead DevOps Engineer

What you will do

• Own the DevOps and Platform roadmap, defining the automation, scaling, and multi-tenant Kubernetes-based Internal Developer Platform (IDP).
• Lead by doing - engineer, review, and enhance Kubernetes and CNCF-aligned infrastructure, setting technical standards.
• Architect multi-cluster, multi-region environments using Istio/Linkerd, Cluster API, and Kyverno.
• Build progressive delivery frameworks with Flux and Flagger for GitOps-driven, canary, and automated releases.
• Implement modern provisioning with controllers like Crossplane and ACK for Kubernetes-native cloud integration.
• Define and enforce Zero Trust architecture with Vault, Boundary, service identity, and mTLS-secured meshes.
• Engineer policy-driven automation and compliance using OPA, Kyverno, and secure supply chain configurations.
• Establish IaC and GitOps standards, adding automated testing to every infrastructure change.
• Prototype agentic infrastructure components, including deployment and observability platforms in service meshes.
• Design AI Gateways and Registries for traffic and event routing between microservices and autonomous agents via CNCF Gateway APIs.
• Champion DevSecOps maturity by embedding SAST/DAST, chaos engineering, and error budget monitoring.
• Collaborate with Security, Data, and AI teams to shape DevOps and AI platform architectures with regulatory compliance.
• Stay ahead of CNCF and AI ecosystem innovations, from eBPF observability to agent-aware orchestration.

What We’re Looking For

We value diverse backgrounds and paths to expertise. If you bring solid experience in several of the areas below, we encourage you to apply even if you don’t meet every detail.

Core Expertise

• Experience leading or mentoring engineering teams with the ability to set direction and contribute hands-on.
• Strong Kubernetes knowledge, including cluster lifecycle management, API extensions, Operators, Helm, and the broader CNCF ecosystem (Cilium, ExternalDNS, Kyverno, Gatekeeper).
• Designing and operating multi-cluster, multi-region Kubernetes platforms with service meshes such as Istio, Consul, or Linkerd and policy-based workload placement.
• Writing Infrastructure-as-Code with Terraform on AWS or GCP using modular design, GitOps integration, and automated testing (Terratest, InSpec).
• Implementing GitOps pipelines with ArgoCD or FluxCD for progressive delivery, drift correction, and multi-environment releases.
• Building containerized, serverless, or event-driven systems with strong observability using DataDog, Splunk, or OpenTelemetry.
• Strengthening platform security through Vault-based secret management, least privilege access, and compliance automation.
• Designing CI/CD workflows that include SAST, DAST, policy enforcement, and performance telemetry.
• Improving reliability and resilience through SLOs, error budgets, and chaos engineering.

You’ll Thrive Here If You

• Are passionate about building secure, scalable, and reliable systems and helping others do the same.
• Have a strong customer and product mindset.
• Take ownership and make thoughtful, data-informed decisions.
• Enjoy building high-performing, inclusive, and autonomous teams.
• Align technical leadership with business outcomes.
• Collaborate openly and continuously seek to learn and grow.

Nice to Have

The following are genuinely bonus areas. Great if you have them, but not required

• Leading platform modernisation or reliability initiatives in scale-up or regulated environments.
• Experience with Operator development, CRD automation, eBPF, or Cilium for observability.
• Expertise in policy-as-code using OPA or Kyverno within secure supply chain or CSPM frameworks.
• Exposure to AI-driven internal developer platforms or predictive observability using AI or LLMs.
• Experience designing agentic or autonomous infrastructures with observability for AI agents.
• Familiarity with MCP and A2A orchestration patterns in Kubernetes service mesh environments.
• Understanding of Agent Gateways and Registries connecting microservices and AI agents.
• Background in secure containers, sandboxing, or confidential computing for regulated workloads.
• Experience with data-intensive systems such as Spark, Databricks, or Data Mesh.
• Programming experience in Go, Python, or TypeScript.
• Contributions to open-source or CNCF community projects.