• Setup and Deployment of Kubernetes production and development clusters in-premise and Cloud (preference to AWS)
• Scripting Kubernetes cluster setup so the setup can be easily replicated on different production sites
• An active practitioner of an established security framework I.e. CISMP, CISA or CISSP
• Setting up required plugins for our Kubernetes like Platform CSI driver and/or horizontal autoscaler.
• Setting up ingress traffic and establishing secure network policies
• Automating certificate management
• Implementing an alerting system for unusually high resource consumption and monitoring system of critical system components
• Providing solutions to observe and access Kubernetes platform logs without need to directly access to our servers from command line
• Introduce RBAC security policies for different users with different access levels
• Infrastrastructure-as-a-code practitioner, since each setup or configuration step should be scripted in either Pulumi, Terraform, Ansible, bash or high-level language (Python, GoLang) to allow easy expansion of our product in the region and further
• Make sure internal Kubernetes endpoints are secure from unauthorized access
• You'll help triage, troubleshoot, and help resolve any related Kubernetes issues found during testing and in our production systems.
• Identify potential problems and resolve middleware and platform bottlenecks for performance optimization
• Stay up-to-date with the latest technological developments and proactively integrate new tools and techniques to prevent our production site breaches
• Demonstrate a willingness to learn and grow both personally and professionally, seeking out new challenges and opportunities for development.
• You'll also serve as the curator of our DevOps and Security playbooks and runbooks, utilizing your accumulated knowledge and experience to guide your peers when necessary.
• Collaborate with the Software Development Manager and Chief Software Architect to deliver a modern and seamless product experience

Qualification:

• Master’s Degree in Electronics (or Computer Science) with a professional background in secure networking, virtualization and adoption of SecDevOps principles
• 8+ years of experience in SecDevOps, SRE and using advanced security frameworks application (CISMP or CISA certification would have our immediate attention)
• 3+ years of experience in running production-level Kubernetes clusters is a must
• Previous experience in using Kubernetes operators would be considered as an advantage
• Previous experience with tools like ZAP or Harbour and SecDevOps practitioner for 3+ years is MUST for this role
• Previous experience with provisioning tools like Pulumi and/or Terraform
• Previous experience with Kubernetes Helm charts and Istio service mesh
• 3+ years of experience with Graphana, Prometheus, Jaeger, EFK or ELK log stack
• Previous experience in deploying a SIEM tool like Elastic SIEM or a similar one
• Knowledge of at least one high-level programming language is required Go, Python, C, C++, Java, C#, Ruby since you are expected to write smoke tests and perform environment setup scripting
• Previous experience with network hardware load balancers (Barracuda, F5) and/or software load balancers (HA Proxy) and previous track of work on establishing low-latency network infrastructure
• Able to automate health systems checks after production release and notifications
• Able to setup the framework for anomaly detection from the app logs and isolate suspicious activity
• Experience in multi-cluster management and active-active cluster setup
• Previous experience with IoT ecosystem would be strongly preferred.