Senior DevOps Engineer, Flutter Functions
Cluj-Napoca, Cluj County, Romania
Full Time
3 hours ago
No H1B
Key skills
AnsibleAWSAzureCloudDNSDockerGoogle Cloud PlatformGrafanaKubernetesLinuxPrometheusShell ScriptingTerraformShellGCPGoogle CloudGitHub ActionsArgoCDCloudFrontIAMGitGitHubGitOpsIstioService MeshAkamaiCloudflareCachingCI/CDStakeholder ManagementMentoringCommunicationCollaborationTrivySonarQubeWAF
About this role
Role Overview
- Design, implement and own GitOps workflows using ArgoCD, including ApplicationSets/generator plugins and multi-environment, multi-cluster deployment patterns
- Define and maintain Kubernetes platform standards (namespaces, RBAC, Network Policies, ingress, observability, backup/restore, multi-cluster, etc.)
- Implement and manage policy-as-code using OPA/Gatekeeper and Kyverno to enforce security, compliance and best practices across clusters
- Architect and operate an advanced service mesh with Istio, including traffic management, mutual TLS, zero-trust patterns, resilience and observability
- Use Crossplane (XRDs/CRDs) and Kustomize to deliver fully declarative infrastructure and application configuration, enabling true platform-as-code
- Build, maintain and optimize CI/CD pipelines with GitHub Actions, including reusable workflows, environment promotion, releases and rollbacks
- Integrate Trivy, SonarQube and related tooling into pipelines to provide end-to-end SCA, image scanning and static analysis, ensuring secure-by-default delivery
- Design, implement and operate scalable, resilient solutions on AWS, collaborating on architecture and making pragmatic, high-impact design decisions
- Manage and optimize content delivery and edge security using AWS CloudFront and other CDNs, including WAF integration and DDoS mitigation
- Implement and evolve observability using Grafana Cloud (Prometheus, adaptive metrics, logging and alerting), ensuring actionable insights and SLO-driven operations
- Contribute to and at times lead incident response, post-incident reviews, and continuous improvement of reliability, performance and operability
- Drive automation and self-service (e.g. GitOps + Crossplane + ArgoCD patterns) to reduce manual work and empower product teams to manage their own infrastructure
- Collaborate closely with development, QA, security and operations teams to align on standards, simplify delivery and remove friction
- Own documentation for the platform, patterns, runbooks and best practices, ensuring they are discoverable and up to date
- Mentor and coach engineers in DevOps / platform practices, GitOps, Kubernetes and cloud; act as a role model for engineering excellence and ways of working
- Engage effectively with technical and non-technical stakeholders, clearly explaining trade-offs, risks and options
Requirements
- Strong understanding of cloud-native operations, Kubernetes platforms and infrastructure as code principles
- 4+ years’ experience running Kubernetes and Docker in production (high-load, high-availability environments)
- Hands-on expertise with GitOps: particularly ArgoCD (ApplicationSets, generator plugins, multi-cluster, promotion workflows)
- Strong experience with Crossplane (XRD/CRD design, compositions, providers) and Kustomize for environment overlays and reusable configurations
- Deep knowledge of Kubernetes security: OPA/Gatekeeper, Kyverno, Network Policies, secrets management, RBAC and compliance controls
- Advanced experience with Istio (or similar service mesh) – traffic routing, mTLS, authorization policies, canary/blue-green strategies, observability
- Solid experience designing and maintaining CI/CD pipelines with GitHub Actions, including pipelines as code and environment promotion
- Practical experience integrating Trivy and SonarQube (or equivalent) into CI/CD for SCA, container image scanning and code quality/security checks
- 4+ years of * Linux/nix engineering and administration; strong shell scripting and remote server management (SSH)
- Strong AWS experience (networking, security, IAM, compute, storage, managed services); multi-cloud knowledge (GCP/Azure) is a plus
- 3–4+ years managing CDNs such as AWS CloudFront, Akamai or Cloudflare, including WAF, caching and edge security policies
- Understanding of DDoS attack mechanisms and mitigation tools (e.g. AWS Shield, CloudFront, Akamai/Cloudflare protections)
- Experience with large-scale DNS implementations and traffic management strategies
- Hands-on experience with Grafana Cloud, including Prometheus metrics, adaptive metrics strategies, dashboards and alerting best practices
- Proficiency with Git and modern branching / pull request workflows; comfortable with trunk-based or GitOps-oriented models
- Experience with configuration management and IaC tools such as Terraform, Ansible (or similar)
- Proven incident management experience and an ability to make pragmatic operational decisions under pressure
- Strong communication, stakeholder management, mentoring and collaboration skills; able to influence ways of working and uplift the wider team.
Tech Stack
- Ansible
- AWS
- Azure
- Cloud
- DNS
- Docker
- Google Cloud Platform
- Grafana
- Kubernetes
- Linux
- Prometheus
- Shell Scripting
- Terraform
Benefits
- Hybrid & remote working options
- €1,000 per year for self-development
- Company share scheme
- 25 days of annual leave per year
- 20 days per year to work abroad
- 5 personal days/year
- Flexible benefits: travel, sports, hobbies
- Extended health, dental and travel insurances
- Customized well-being programmes
- Career growth sessions
- Thousands of online courses through Udemy
- A variety of engaging office events