📍 KERALA-BASED CANDIDATES ONLY — This is a hybrid role based in Kerala, India. We will only consider applicants who are currently living in Kerala. Candidates outside Kerala, including those willing to relocate, will not be considered at this time.
⚡ IMMEDIATE HIRE — We are looking for candidates who can join without a notice period or within 2 weeks maximum. Please only apply if both conditions apply to you.
🔧 WHAT YOU'LL DO
- Own and evolve AWS infrastructure using Terraform, Helm, and Ansible across multi-account environments, VPC architectures, and EKS/ECS clusters
- Engineer and maintain GitLab CI/CD pipelines with multi-stage build, test, and deploy workflows - Drive GitOps practices using ArgoCD with Git as the single source of truth for Kubernetes manifests and Helm releases
- Embed security at every stage of the SDLC - own and improve our DevSecOps pipeline using SonarQube, Trivy, OWASP ZAP, and Dependency-Track
- Own end-to-end observability using Prometheus, Grafana, Loki, and CloudWatch - define SLOs, lead post-incident reviews, and ensure DR strategies meet RTO/RPO targets
- Drive cloud cost efficiency through right-sizing, Spot Instance adoption, autoscaling, and per-team cost visibility dashboards
- Build self-service tooling - Terraform modules, Helm charts, hardened Docker base images — that reduce friction for engineering teams
- Create and maintain runbooks, SOPs, and operational documentation
- Upskill and mentor junior and mid-level engineers across DevSecOps best practices
✅ WHAT WE'RE LOOKING FOR
- 7+ years in a DevOps, Platform Engineering, or SRE role
- Deep hands-on AWS experience — EKS, ECS, EC2, RDS, S3, Lambda, IAM, CloudTrail
- Strong Terraform and CloudFormation proficiency for infrastructure as code
- Solid Kubernetes experience — cluster operations, Helm chart authoring, EKS/AKS
- CI/CD pipeline engineering experience (GitLab CI, AWS CodePipeline, or Jenkins)
- GitOps experience using ArgoCD or equivalent
- Hands-on DevSecOps tooling — SonarQube, Trivy, OWASP ZAP, Dependency-Track, SBOM generation
- Proficiency in Python and Bash scripting
- Strong Linux systems expertise — administration, troubleshooting, performance tuning, and hardening
- Strong networking fundamentals — VPC design, subnetting, security groups, NACLs, Transit Gateway
- AWS IAM governance — roles, permission boundaries, RBAC, least-privilege access
- Experience managing Sophos endpoint protection, encryption, DLP, and firewall policies
⭐ NICE TO HAVE
- Multi-cloud exposure (AWS + Azure)
- AWS certification (Solutions Architect, DevOps Engineer Professional, or Security Specialty)
- CKA (Certified Kubernetes Administrator) or equivalent
- Experience with AWS Control Tower and AWS Organizations
- Familiarity with SOC2, ISO27001, or PCI-DSS compliance frameworks
- ITIL-aligned incident and change management experience
🏆 YOU'LL STAND OUT IF YOU HAVE
- Proven ownership of production-grade, high-availability SaaS infrastructure
- Experience managing platform engineering for multiple engineering teams simultaneously
- Track record of driving DevSecOps culture and practices across an organisation
If you thrive in high-ownership environments and want to shape the infrastructure backbone of a growing SaaS platform, we'd love to hear from you.
