Senior DevOps Engineer

<p><strong>About&nbsp;Us</strong></p> <p>Imagine a world where passwords are obsolete, and you never have to recall security questions about your first pet. At PrivateID, we're making this a reality with secure, self-managed digital identities that feel almost magical: think biometric sorcery meets cryptographic brilliance. Trusted by global brands for our privacy-first solutions, we're rapidly scaling to meet the soaring demand for passwordless, zero-trust technology.</p> <p>&nbsp;</p> <p><strong>About The Role</strong></p> <p>You'll work under the Lead DevOps Engineer as a key contributor on a collaborative team, executing on infrastructure work, responding to incidents, and helping keep our multi-cloud environments reliable and secure. You're someone who takes direction well, communicates proactively, and brings enough experience to work independently on complex tasks without needing hand-holding.</p> <p>This is a hands-on, execution-focused role. You'll be deep in Kubernetes, Terraform, CI/CD pipelines, and on-call rotations day to day.</p> <p>&nbsp;</p> <p><strong>What You Will Do</strong></p> <p><strong>Infrastructure &amp; Cloud</strong></p> <ul> <li>Contribute to multi-cloud infrastructure across AWS (EKS, IAM, multi-account) and GCP (GKE Autopilot, IAM, multi-project) using Terraform</li> <li>Help provision and manage per-client environments — VPC, Kubernetes cluster, DNS, SSL, container registry, secrets, and GitOps integration — following established patterns and module library</li> <li>Manage bastion hosts, networking, firewalls, and VPC peering under guidance from the lead</li> </ul> <p><strong>CI/CD &amp; GitOps</strong></p> <ul> <li>Maintain and improve GitHub Actions pipelines for build, test, and deployment workflows</li> <li>Support ArgoCD-based GitOps deployments across multiple GKE and EKS clusters</li> <li>Help maintain reusable workflow templates used across all product repositories</li> </ul> <p><strong>Observability &amp; Incident Response</strong></p> <ul> <li>Monitor application and infrastructure health using New Relic dashboards and alerts</li> <li>Actively participate in the on-call rotation via PagerDuty — acknowledge alerts promptly, triage issues, escalate when needed, and follow up thoroughly</li> <li>Contribute to runbooks and post-mortems after incidents</li> <li>Proactively flag performance issues and anomalies to the team</li> </ul> <p><strong>Security &amp; Secrets Management</strong></p> <ul> <li>Manage and rotate secrets across all environments using Doppler — AWS IAM keys, GCP service account keys, MongoDB Atlas API keys, GitHub tokens</li> <li>Follow and uphold least-privilege IAM practices across AWS, GCP, GitHub, and Azure AD</li> <li>Assist with employee access provisioning and offboarding</li> </ul> <p>&nbsp;</p> <p><strong>Must Have</strong></p> <ul> <li>7+ years in a DevOps, SRE, or Platform Engineering role</li> <li>Strong <strong>Terraform</strong> skills — modules, remote state, multi-environment configurations</li> <li>Hands-on experience with <strong>AWS</strong> (EKS, IAM, EC2, S3, multi-account) and <strong>GCP</strong> (GKE, IAM, Workload Identity)</li> <li><strong>Kubernetes</strong> — Helm, RBAC, namespaces, cluster troubleshooting</li> <li>GitHub Actions — building and maintaining CI/CD pipelines, reusable workflows</li> <li>ArgoCD or similar GitOps tooling</li> <li>Active on-call experience — you've been paged, you know how to triage fast and communicate clearly under pressure</li> <li>New Relic or equivalent (Datadog, Grafana) — dashboards, alerts, log querying</li> <li>PagerDuty — on-call rotations, escalation policies, alert routing</li> <li>Secrets management — Doppler, Vault, or AWS Secrets Manager</li> <li>Strong scripting in Bash and/or Python</li> <li>A team-first attitude — you share knowledge, ask questions early, and don't go dark</li> </ul> <p><strong>Nice to Have</strong></p> <ul> <li>GCP Workload Identity Federation and AWS IRSA (keyless CI/CD auth)</li> <li>MongoDB Atlas administration (clusters, VPC peering, API key management)</li> <li>Azure AD / Entra ID user and access management</li> <li>Slack app integrations for deployment approvals and alerting</li> <li>Experience managing infrastructure for multiple clients or tenants from a single codebase</li> </ul> <p>&nbsp;</p> <p><strong>Benefits</strong></p> <ul> <li>Competitive&nbsp;compensation&nbsp;and&nbsp;equity</li> <li>A&nbsp;remote-first,&nbsp;collaborative&nbsp;culture</li> </ul> <p>&nbsp;</p> <p><strong>Important:</strong></p> <p>Candidates&nbsp;must&nbsp;pass&nbsp;a&nbsp;background&nbsp;check&nbsp;as&nbsp;part&nbsp;of&nbsp;the&nbsp;hiring&nbsp;process&nbsp;due&nbsp;to&nbsp;our&nbsp;work&nbsp;in&nbsp;the&nbsp;financial&nbsp;sector.</p> <p>&nbsp;</p> <p><strong>Equal&nbsp;Employment&nbsp;Opportunity</strong></p> <p>PrivateID&nbsp;values&nbsp;diversity&nbsp;and&nbsp;is&nbsp;committed&nbsp;to&nbsp;providing&nbsp;an&nbsp;inclusive&nbsp;work&nbsp;environment&nbsp;where&nbsp;all&nbsp;employees&nbsp;can&nbsp;excel.&nbsp;Qualified&nbsp;applicants&nbsp;will&nbsp;be&nbsp;considered&nbsp;without&nbsp;regard&nbsp;to&nbsp;race,&nbsp;color,&nbsp;religion,&nbsp;sex,&nbsp;sexual&nbsp;orientation,&nbsp;gender&nbsp;identity,&nbsp;national&nbsp;origin,&nbsp;disability,&nbsp;veteran&nbsp;status,&nbsp;or&nbsp;any&nbsp;other&nbsp;legally&nbsp;protected&nbsp;status.&nbsp;Reasonable&nbsp;accommodations&nbsp;are&nbsp;available&nbsp;upon&nbsp;request&nbsp;to&nbsp;ensure&nbsp;equitable&nbsp;participation&nbsp;in&nbsp;our&nbsp;hiring&nbsp;process&nbsp;and&nbsp;workplace.</p>