Our Partner is expanding their Kubernetes-backed containerization and orchestration platform, and are seeking a
Software Engineer who is passionate about building secure, scalable, and automated capabilities end-to-end. You'll own features across the full development lifecycle-from design and development to deployment and operations-while enforcing strong security guardrails and enabling efficient multi-tenant workload isolation. This role is ideal for engineers who enjoy working close to the platform, automating everything, and turning complex operational requirements into elegant, repeatable solutions.
Responsibilities - Design and build new capabilities for our Kubernetes platform, including container orchestration workflows, deployment tooling, and operational automation
- Develop and maintain custom Helm charts (or equivalent Kubernetes resource management artifacts) for repeatable, compliant deployments across environments
- Implement and enforce Kubernetes RBAC security policies, native roles, and role bindings for least-privilege access and granular workload isolation
- Leverage namespaces to segment workloads and align tenancy, compliance, and operational boundaries
- Integrate CI/CD pipelines with Kubernetes orchestration to automate build, test, deploy, and rollback processes
- Instrument workloads and platform components with metrics, health checks, and standardized endpoints to improve observability and SLO adherence
- Collaborate cross-functionally with security, cloud, networking, and application teams to ensure platform capabilities meet mission needs
- Document architecture, patterns, runbooks, and guardrails to drive consistency and enable self-service
Requirements - TS/SCI FSP Clearance
- Bachelor's degree in Computer Science, Computer Engineering, or closely related field; or equivalent practical experience
- Full development lifecycle experience delivering capabilities on Kubernetes (design, build, test, deploy, operate)
- Hands-on experience building and maintaining custom Kubernetes Helm charts or an equivalent resource manager (e.g., Kustomize)
- Proven expertise with Kubernetes RBAC policy configuration and enforcement
- Practical use of namespaces to separate and manage workloads
- Experience configuring granular workload permissions using native roles and role bindings
- Experience building automation pipelines (CI/CD) that interface directly with Kubernetes orchestration (e.g., GitOps, progressive delivery)
Desired Skills - Experience developing custom Kubernetes controllers, including mutating and validating admission webhooks to enforce policy and standardization
- Hands-on with advanced security policy enforcement using Istio service mesh (e.g., mTLS, policy, traffic management)
- Experience defining custom Kubernetes-native network policies (CNI) for zero-trust segmentation
- Track record managing multiple, isolated tenants within a single Kubernetes environment
- Experience generating and collecting workload metrics using standard endpoints (e.g., Prometheus, OpenMetrics) and exposing health probes
- Integration of Kubernetes workloads with AWS cloud-native services using IAM role permissions (e.g., IRSA, service account role mapping)
