Setup and Deployment of Kubernetes production and development clusters in-premise and Cloud (preference to AWS)
Scripting Kubernetes cluster setup so the setup can be easily replicated on different production sites
An active practitioner of an established security framework I.e. CISMP, CISA or CISSP
Setting up required plugins for our Kubernetes like Platform CSI driver and/or horizontal autoscaler.
Setting up ingress traffic and establishing secure network policies
Automating certificate management
Implementing an alerting system for unusually high resource consumption and monitoring system of critical system components
Providing solutions to observe and access Kubernetes platform logs without need to directly access to our servers from command line
Introduce RBAC security policies for different users with different access levels
Infrastrastructure-as-a-code practitioner, since each setup or configuration step should be scripted in either Pulumi, Terraform, Ansible, bash or high-level language (Python, GoLang) to allow easy expansion of our product in the region and further
Make sure internal Kubernetes endpoints are secure from unauthorized access
You'll help triage, troubleshoot, and help resolve any related Kubernetes issues found during testing and in our production systems.
Identify potential problems and resolve middleware and platform bottlenecks for performance optimization
Stay up-to-date with the latest technological developments and proactively integrate new tools and techniques to prevent our production site breaches
Demonstrate a willingness to learn and grow both personally and professionally, seeking out new challenges and opportunities for development.
You'll also serve as the curator of our DevOps and Security playbooks and runbooks, utilizing your accumulated knowledge and experience to guide your peers when necessary.
Collaborate with the Software Development Manager and Chief Software Architect to deliver a modern and seamless product experience
Qualification:
Master's Degree in Electronics (or Computer Science) with a professional background in secure networking, virtualization and adoption of SecDevOps principles
8+ years of experience in SecDevOps, SRE and using advanced security frameworks application (CISMP or CISA certification would have our immediate attention)
3+ years of experience in running production-level Kubernetes clusters is a must
Previous experience in using Kubernetes operators would be considered as an advantage
Previous experience with tools like ZAP or Harbour and SecDevOps practitioner for 3+ years is MUST for this role
Previous experience with provisioning tools like Pulumi and/or Terraform
Previous experience with Kubernetes Helm charts and Istio service mesh
3+ years of experience with Graphana, Prometheus, Jaeger, EFK or ELK log stack
Previous experience in deploying a SIEM tool like Elastic SIEM or a similar one
Knowledge of at least one high-level programming language is required Go, Python, C, C++, Java, C#, Ruby since you are expected to write smoke tests and perform environment setup scripting
Previous experience with network hardware load balancers (Barracuda, F5) and/or software load balancers (HA Proxy) and previous track of work on establishing low-latency network infrastructure
Able to automate health systems checks after production release and notifications
Able to setup the framework for anomaly detection from the app logs and isolate suspicious activity
Experience in multi-cluster management and active-active cluster setup
Previous experience with IoT ecosystem would be strongly preferred.
