Key skills
Managed Kubernetes platformsMulti-cloud fluencyAuthenticationidentity challengesInfrastructure-as-codeKubernetes networkingSystems thinkingEnterprise customer requirementsAIAWSAzureGCPTerraformKubernetesPulumiEKSAKSGKEService MeshCommunication
About this role
Ditto is a company redefining how data moves at the edge, making it seamless for developers to build resilient, real-time applications. They are seeking a Senior Software Engineer to own and architect their multi-cloud Kubernetes infrastructure, ensuring operational excellence and enabling enterprise customer deployments across various cloud platforms.
Responsibilities:
- Own the architecture and evolution of Ditto's managed Kubernetes platform across AKS, EKS, and GKE, ensuring consistent operational excellence across cloud provider boundaries
- Design and implement cross-cloud identity and authentication systems, including OIDC delegation and identity federation patterns that enable secure service communication across AWS, Azure, and GCP
- Build secure access infrastructure that provides auditable cluster access for operations teams, including automated emergency access procedures and compliance controls
- Architect cloud account governance systems covering provisioning, resource management, policy enforcement, and multi-tenant isolation across providers
- Design ingress and traffic management patterns that replace legacy components with cloud-native solutions integrated into each provider's ecosystem
- Create infrastructure lifecycle tooling that provisions, configures, and migrates Kubernetes environments—including migration paths from legacy self-managed clusters to managed Kubernetes
- Partner with the Cloud Organization and customer-facing teams to ensure infrastructure capabilities align with product roadmap requirements and enterprise customer needs
Requirements:
- Deep experience with managed Kubernetes platforms (AKS, EKS, or GKE) in production environments, including cluster lifecycle management and operational tooling
- Strong multi-cloud fluency—you understand the differences between cloud providers and can design abstractions that respect each platform's constraints while delivering consistent experiences
- Track record of solving complex authentication and identity challenges, particularly across trust boundaries or federated environments
- Systems thinking orientation—you see infrastructure as interconnected platforms, not isolated components, and architect for long-term evolution
- Comfort with enterprise customer requirements—you've built infrastructure subject to security reviews, compliance standards, and sophisticated operational expectations
- Ability to operate under timeline pressure with real consequences—you're energized by work that's on the critical path, not paralyzed by it
- A proactive and curious attitude about how AI can support your role through automation, ideation, or more thoughtful decision-making
- Experience with infrastructure-as-code at scale (Terraform, Pulumi, Crossplane) across multiple cloud providers
- Background in BYOC, self-hosted, or customer-managed deployment models where infrastructure runs in environments you don't fully control
- Familiarity with secure access tooling (Teleport, Boundary, or similar) and zero-trust access patterns
- Prior work migrating production workloads between Kubernetes environments or from self-managed to managed Kubernetes
- Experience with cloud account vending, organizational policies, or multi-tenant cloud architectures
- Understanding of Kubernetes networking, ingress controllers, and service mesh patterns
- Open source contributions or community involvement in cloud-native infrastructure, Kubernetes, or multi-cloud tooling