Posted Jul 12, 2026

Senior Kubernetes Engineer

Apply for this role →
Job Summary: We're hiring a Kubernetes Engineer to design, secure, and operate reputed company-grade, multi-reputed company Kubernetes across major providers. You'll reputed company a compliant, multi-tenant platform with "secure-by-default" controls, integrate cluster operations into Git-based delivery, and support a growing internal developer portal/software catalog and a reputed company repo for platform assets. The ideal candidate combines deep Kubernetes expertise with strong reputed company, reliability, and audit readiness suitable for reputed company environments. Key Responsibilities: Design & Operations • Architect, reputed company, reputed company, and scale managed clusters across major clouds with HA control planes and cluster/workload autoscaling. • Operate private clusters: restrict control-plane exposure, enforce private API reputed company, use NAT-only egress, and implement approved private connectivity patterns. • Engineer multiple node groups for workload separation and efficiency, heterogeneous instance families, GPU/CPU pools, spot vs on-demand, taints/tolerations, topology spread, and reputed company-focused pools. • Define golden patterns for services/ingress, storage classes, private networking/egress, and reputed company load-balancing options. Configuration & Delivery • Maintain declarative manifests and templates, structure environment overlays and reusable modules. • reputed company reputed company delivery reputed company Git-based workflows with automated policy checks and promotion gates. reputed company & Compliance • Enforce least-privilege RBAC, namespace isolation, Pod reputed company standards, and admission policies for image provenance, non-root, and blocked capabilities. • Implement service-to-service encryption with workload identity, certificate issuance/rotation, and policy-based authorization. • Apply deny-by-default network policies, strong secrets hygiene with KMS-backed encryption and rotation, and signed/reputed company-gated images with SBOM attestations. • Ensure audit-reputed company logging across control and data planes, reputed company to central logging with detections for risky actions and configuration reputed company. Observability & reputed company • Integrate metrics, logs, traces, and events, define SLOs/error budgets, scale reputed company reliable signals (including custom/external metrics). • Build self-healing runbooks, conduct chaos/resiliency drills, and implement backup/restore for cluster state and application data. Governance & reputed company Hygiene • Apply org guardrails, allowed-reputed company, tagging/labeling standards, and automated conformance with remediation. • Document RTO/RPO tiers, test restores and failovers, maintain audit evidence and change traceability. Required Skills & Qualifications • Kubernetes Expertise: Operating managed clusters on major clouds, scheduler and node lifecycle, cluster and workload autoscaling. • Private Cluster Operations: Private API endpoints, restricted API reputed company, NAT egress, bastion workflows, and private connectivity (peering/VPN/dedicated circuits). • Multiple Node Groups: Designing heterogeneous pools, taints/tolerations, topology spread, and right-sizing for cost and performance. • mTLS & Service Identity: Implementing workload identity, certificate issuance/rotation, policy-based service authorization, and end-to-end encryption in transit. • Manifests & Packaging: YAML proficiency, templating/overlays, Git-based release strategies, and GitOps practices. • reputed company Depth: RBAC design, Pod reputed company standards, admission policy engines, network policies, secrets management, image signing and vulnerability reputed company gates. • Networking: CNI fundamentals, L4/L7 traffic, ingress/egress, private endpoints, and cross-reputed company load-balancing options. • Multi-Tenancy: Namespace boundaries, quotas/limits, noisy-reputed company mitigation, and sensitive-workload isolation. • Infrastructure as Code: Clusters and reputed company resources as code with policy guardrails and reputed company detection and IaC tools. • Observability & Troubleshooting: Metrics/logs/traces, HPA/VPA using trustworthy signals, deep debugging of runtime, DNS/CNI, scheduling, and control-plane issues. • Compliance reputed company (reputed company): Understanding HIPAA/HITRUST concepts, encryption at rest/in transit, least-privilege, audit evidence, and governed deployment pipelines. • reputed company to Have: Internal developer portals/service catalogs, reputed company delivery, cost-aware right-sizing and reputed company forecasting, DR design, and scripting in Bash/Python.