The company is looking to build resilient, observable, and policy-compliant software systems that operate at global scale to power mission-critical business functions. This involves leveraging modern technologies and architectural patterns to ensure security, compliance, and risk management standards are met.
Requirements
- Expert-level proficiency in Java and Python, with demonstrable experience building services deployed on Kubernetes using Helm and declarative configurations.
- Experience with event-driven patterns, including pub/sub, message queues, and streaming architectures.
- Proficient with GitOps, CI/CD pipelines (e.g., ArgoCD, Jenkins, GitHub Actions), and infrastructure-as-code tools (Terraform, Kustomize, etc.).
- Familiarity with zero-trust security patterns, mutual TLS (mTLS), service mesh (e.g., Istio or Linkerd), and container vulnerability scanning tools.
- Working knowledge of container runtime security, runtime controls (e.g., SELinux, seccomp, AppArmor), and least privilege access models.
- Experience with Open Policy Agent (OPA), Kyverno, or HashiCorp Sentinel for governance and control enforcement.
- Deep familiarity with enterprise system constraints including governance, scalability, compliance frameworks (e.g., SOC 2, PCI, NIST), and regulated workloads.
Responsibilities
- Design, develop, and maintain high-scale, low-latency microservices in Java and Python that support enterprise platforms with stringent uptime, compliance, and observability requirements.
- Engineer event-driven architectures using Kafka or equivalent messaging platforms to enable asynchronous workflows, decoupled service communication, and scalable event sourcing.
- Develop and maintain Helm charts, Kubernetes manifests, and YAML-based configurations to deploy and manage cloud-native applications in production environments.
- Design and implement enterprise-scale reusable service patterns, including service discovery, distributed configuration, fault tolerance, and global failover strategies.
- Embed policy-as-code in CI/CD workflows using tools like OPA/Gatekeeper, Kyverno, or custom controls, enforcing security, compliance, and infrastructure governance at deploy time.
- Partner with security, compliance, and risk teams to codify controls into automated pipelines, ensuring software systems are audit-ready by default.
- Implement compliance-aware telemetry and alerting tied to controls such as data residency, encryption, access boundaries, and runtime immutability.
Other
- English (Required)
- Ability to plan and manage projects and solve complex problems by applying best practices
- Ability to provide direction and mentor less experienced teammates
- Ability to interpret and convey complex, difficult, or sensitive information
- Minimal travel (up to 10%)
- Able to work all hours scheduled, including overtime as directed by manager/supervisor and required by business need.