DevOps Engineer (for our partner group)
About the role
No legacy, no bureaucracy, no corporate bullshit: just you and a small but incredibly strong engineering team making the right technical decisions together.
This is payment infrastructure, so the bar for reliability and security is high: we're building toward PCI DSS, with strict environment separation (non-prod / pre-prod / prod) and infrastructure-as-code across the board. You won't just "keep the lights on"; you'll design and lay the foundation.
AI-first. We're AI-first across the board, engineering included: routine and ops work is automated through AI agents and AI tooling, and IaC and runbooks are written and maintained with AI. We're not just "aware of AI"; we build infrastructure so agents can safely operate and change it.
Important: we need a strong engineer with deep technical background who makes decisions independently and owns the outcome. The engineering team is top-tier, and the bar is high. We're not looking for average.
What you'll do
- Infrastructure as Code: design and evolve Terraform modules for AWS (composite module, accounts as code), multi-environment layout across non-prod / pre-prod / prod
- Kubernetes: operate and evolve EKS clusters (workloads, namespaces, resources, autoscaling, network policies)
- CI/CD: GitHub Actions pipelines for build, test, and delivery; speeding up and stabilizing pipelines for smooth delivery of changes
- GitOps / delivery: Helm charts and ArgoCD for declarative deployment of services to the cluster
- Secrets & access: secrets management, rotation, no secrets in code, least privilege
- Observability: metrics and alerting (Amazon Managed Prometheus + Amazon Managed Grafana), dashboards, SLOs, incident response
- Security & networking: IAM, environment separation, access (Okta, Twingate)
- Databases (operations): PostgreSQL (RDS) and Redshift, covering parameters, backups, secret rotation, safeguarding scope
- Reliability: cost control, capacity planning, production-readiness (HA where it matters), runbooks
Stack
- Cloud: AWS (EKS, RDS, IAM, etc.)
- IaC: Terraform
- Containers/orchestration: Docker, Kubernetes (EKS), Helm
- GitOps: ArgoCD
- CI/CD: GitHub Actions
- Observability: Amazon Managed Prometheus (AMP), Amazon Managed Grafana (AMG)
- Database: PostgreSQL (RDS), Amazon Redshift (OLAP)
- Auth / access: Okta, Twingate
- AI: AI-first, with active use of AI tools and agents in daily work
Requirements
Must have:
- 6+ years in DevOps / SRE / Platform Engineering
- AWS: production experience (EKS, IAM, VPC, RDS)
- Terraform: modules, state, multi-environment layouts
- Kubernetes: production operations, Helm
- CI/CD: building and maintaining pipelines
- Linux, networking, scripting (Bash + Python or Go)
- Secrets management and security basics (IAM, least privilege)
- Observability: metrics/logs/alerting (Prometheus/Grafana or equivalents)
- AI-fluency: active integration of AI tools (Claude Code, Cursor, Codex) into daily engineering work. Not just "aware of AI", but using it to multiply productivity, with a critical eye for generated output
- Proactivity: identifies problems before they surface, proposes solutions, drives them to done. Doesn't wait to be told what to do
- English: confident reading and listening is a must. Good spoken English is a strong plus
Nice to have:
- Fintech / payments / banking: infrastructure experience under regulation
- PCI DSS: experience building toward or passing it
- ArgoCD / GitOps
- Amazon Managed Prometheus / Grafana
- Amazon Redshift
- Experience with pre-prod/prod separation and multi-account AWS