The position reports to the Head of DevSecOps
Job Overview:
To lead the architecture, delivery, and scaling of modern greenfield projects deployed natively on AWS cloud infrastructure. You will be a key player in driving our cloud strategy, designing resilient cloud CI/CD pipelines, and enforcing strict Infrastructure as Code (IaC) principles. A core focus of our forward-looking roadmap involves architecting seamless, secure cross-cloud data pipelines, specifically integrating our AWS-native workloads with enterprise data analytics platforms like GCP BigQuery.
In tandem with our cloud expansion, you will champion an enterprise-wide engineering culture of technical excellence across our hybrid environments. This includes systematically migrating and streamlining our existing CI/CD infrastructure into unified GitLab Cloud architectures, setting strict governance benchmarks for modular pipeline development ("write once, use everywhere"), and implementing automated security gating (SAST/Container Scanning).
Finally, you will act as the vital technical bridge ensuring the absolute stability and high availability of our established on-premise environments. You will oversee the maintenance and optimization of our Docker Swarm cluster and RHEL-based internal VMs across tightly segmented networks, ensuring our legacy application workflows remain secure and performant without sacrificing velocity or systemic auditability.
Your work life:
- Cloud Execution & BigQuery Integration: You will implement and maintain modern greenfield projects deployed natively on AWS according to our designated cloud architecture. You will execute Infrastructure as Code (IaC) blueprints and configure secure data pipelines to integrate cloud workloads with enterprise analytics platforms like GCP BigQuery.
- Pipeline Architecture & Migration: You will join the technical effort to migrate our CI/CD pipelines away from legacy Jenkins and self-hosted environments over to GitLab Cloud. You will build and maintain modular, reusable pipeline templates that support both modern containerized applications and legacy direct-to-VM deployments based on our "Write once, use everywhere" framework.
- Automated Security Integration (DevSecOps): You will operationalize and configure tools like SonarQube, GitLab Pipeline Security Scanning (SAST), and Docker Scout within established workflows. Your focus will be maintaining automated quality gates that effectively secure builds without slowing down development velocity.
- Observability Implementation: You will support the observability culture by directly assisting developers to onboard their applications onto OpenTelemetry (Otel) for distributed tracing and metric collection. You will deploy and maintain the Grafana LGTM stack (Loki, Tempo, Mimir) and Grafana Alloy to implement designated alerting and notification strategies.
- On-Prem Platform Stability: You will maintain and optimize our established on-premise infrastructure to ensure high availability and stability. This includes supporting our Docker Swarm cluster and RHEL-based internal VMs across segmented networks (Dev, Staging, Prod) according to standard operating and audit procedures.
- Infrastructure as Code (IaC) & Configuration Management: You will write, maintain, and version-control clear IaC scripts (such as Ansible, Terraform) to consistently provision AWS infrastructure and maintain configuration baselines across both cloud and on-premise environments.
- Release Standby & Incident Support: You will provide technical support during application releases and infrastructure maintenance windows, ensuring rapid troubleshooting of build failures, SSL handshakes, or environment mismatches to guarantee zero-downtime deployments.
- Cross-Functional Network Coordination: You will interface directly with our internal Network Division to implement required firewall rules, routing policies, and secure network segmentation, providing them with clear technical specifications for your AWS, GCP, and on-premise application paths
To be considered, you’ll need:
- Experience: 5+ years of hands-on experience In DevOps, SRE or Infrastructure Engineering roles, working within defined enterprise architecture.
- Cloud Capability (AWS/GCP): Proven experience deploying and maintaining infrastructure workloads in AWS using Infrastructure as Code (IaC) tools like Terraform, alongside exposure to configuring data pipelines or integrations with GCP BigQuery.
- CI/CD Migration Expertise: Strong proficiency with GitLab CI (complex YAML, runners, and templates). Practical experience executing pipeline migrations away from legacy Jenkins or self-hosted environments is highly valued.
- Linux Deep Dive & Stability: Deep operational knowledge of RHEL/CentOS systems, including mastery of systemd, user permissions, local firewalld management, and standard OS performance tuning.
- Container Orchestration: Solid production-level experience managing and maintaining Docker Swarm or Kubernetes environments, with the ability to confidently support Swarm as an interim platform.
- Cross-Functional Collaboration: Strong technical communication skills to cleanly interface with external divisions, such as providing precise routing and firewall specifications to a dedicated Network Division.
- Legacy sensitivity & IT Governance: Comfort supporting and troubleshooting pipelines for older application runtimes (e.g., PHP 5.6 to 8, legacy Java frameworks) while strictly adhering to formal change management, audit trails, and data integrity standards.
The Tech Stack
- Cloud & Modern Infrastructure: AWS (EC2, IAM, Core Services), GCP (BigQuery Integration).
- CI/CD & Security: GitLab Cloud, Jenkins (Legacy), SonarQube, GitLab Security Scanners (SAST), Docker Scout.
- Infrastructure as Code (IaC) & Configuration: Terraform, Ansible, Systems Automation Blueprints.
- Container Orchestration & OS: Docker Swarm (Interim Platform), RHEL / CentOS, Internal VMs.
- Observability & Logging: Grafana LGTM Stack (Loki, Tempo, Mimir) , OpenTelemetry (Otel) , Grafana Alloy.
- Legacy Runtimes & Frameworks: PHP (5.6 to 8) , Legacy Java Frameworks.
- Collaboration & Governance: Jira/Confluence, ITSM Change Management Tools.
Our Commitment to You
At Time, we believe great work deserves great support. Here’s what you can look forward to when you join us:
- Comprehensive medical coverage for you and your immediate family, including outpatient care, hospitalisation, dental and optical benefits.
- Wellness support with an annual spending account for health-related needs, alternative treatments, or even paid-up premiums for personal insurance.
- Employee assistance during life’s big moments, from celebrations to times of bereavement.
- Learning & growth opportunities through dedicated time for learning, access to LinkedIn Learning and rewards for upskilling.
- Cash rewards for recognised certifications and full reimbursement for up to two approved professional memberships each year.
*Only shortlisted candidates will be notified