Principal Software Engineer - DevOps

The Senior DevOps Engineer works\nwith the team to lift the visibility, reliability, and security of the\nplatforms that serve our clients and end\-users globally. We are a focused team\nso your judgment materially shapes how the platform runs.<\/span>
<\/p>


<\/p>

The role owns:<\/span><\/b>
<\/p>

\u2022 <\/span><\/span><\/span>Reliability and uptime of Esyasoft's production estate\non AWS and Kubernetes
<\/p>

\u2022 <\/span><\/span><\/span>CI/CD pipeline ownership \u2014 finalizing the move to full\nautomation via GitOps
<\/p>

\u2022 <\/span><\/span><\/span>Observability, security and compliance posture across\nthe platform
<\/p>

\u2022 <\/span><\/span><\/span>On\-call coverage and incident response as part of a\npaid weekly rotation
<\/p>


<\/p>

Key Responsibilities & Areas of Ownership<\/b>
<\/b><\/p><\/div>

A. Cloud\nInfrastructure and Platform Operations<\/b>
<\/p>

\u2022 <\/span><\/span><\/span>Own day\-to\-day reliability of Esyasoft's production\nestate on AWS and Kubernetes, including incident triage and remediation
<\/p>

\u2022 <\/span><\/span><\/span>Operate and harden the Linux server fleet (Rocky Linux,\nAmazon Linux) and supporting database layers
<\/p>

\u2022 <\/span><\/span><\/span>Manage cloud cost and capacity in partnership with\nengineering \u2014 right\-size, decommission and forecast
<\/p>

B. CI/CD\nand Infrastructure as Code<\/b>
<\/p>

\u2022 <\/span><\/span><\/span>Finalise the transition to a fully automated CI/CD\npipeline (Jenkins to GitOps via FluxCD)
<\/p>

\u2022 <\/span><\/span><\/span>Maintain and extend Infrastructure as Code using\nTerraform and Kustomize
<\/p>

\u2022 <\/span><\/span><\/span>Curate the developer experience so engineers can ship\nsafely, quickly, and with minimal friction<\/b>
<\/b><\/p>

C.\nObservability, Monitoring and Incident Response<\/b>
<\/p>

\u2022 <\/span><\/span><\/span>Evolve the monitoring stack (Prometheus, Grafana) \u2014\ndashboards, alerts and SLOs that earn their keep
<\/p>

\u2022 <\/span><\/span><\/span>Lead incident response during your rotation; drive\nblameless post\-mortems and follow\-through actions
<\/p>

\u2022 <\/span><\/span><\/span>Participate in the weekly paid on\-call rotation to\nmaintain service levels for Esyasoft's users
<\/p>

D.\nSecurity and Compliance<\/b><\/span><\/span>
<\/p>

\u2022 <\/span><\/span><\/span>Maintain Esyasoft's posture against Cyber Essentials,\nISO 27001 and PCI\-DSS
<\/p>

\u2022 <\/span><\/span><\/span>Embed secure\-by\-default patterns in CI/CD, IaC,\ncontainer images and Kubernetes manifests; partner on access reviews and\nsecrets management
<\/p>

E.\nEngineering Practice and Team Contribution<\/b><\/span><\/span>
<\/p>

\u2022 <\/span><\/span><\/span>Mentor peers and product engineers on infrastructure,\ndeployment and reliability practice
<\/p>

\u2022 <\/span><\/span><\/span>Contribute to architectural decisions across the wider\nengineering team
<\/p>

F.\nTooling and Continuous Improvement<\/b><\/span><\/span>
<\/p>

\u2022 <\/span><\/span><\/span>Evaluate emerging tools and patterns responsibly \u2014\nprove value, then adopt; keep what we have working hard before reaching for the\nnew
<\/p>

\u2022 <\/span><\/span><\/span>Curate documentation and runbooks so platform knowledge\nis shared across the team, not siloed
<\/p>


<\/div><\/span>

Requirements<\/h3>

Required\nSkills & Experience<\/b>
<\/b><\/p>

\u2022 <\/span><\/span>Proven track record running production workloads on\nAWS, with hands\-on experience operating Kubernetes in production (not just\ndeploying to it)
<\/p>

\u2022 <\/span><\/span>Strong foundations in core systems \u2014 Linux, HTTP,\nnetworking, Bash and a scripting language (Python preferred)
<\/p>

\u2022 <\/span><\/span>Practical experience with Infrastructure as Code\n(Terraform preferred), GitOps tooling and CI/CD pipelines end\-to\-end
<\/p>

\u2022 <\/span><\/span>Comfort participating in an on\-call rotation and\nleading incident response, including blameless post\-mortems
<\/p>

Desirable\nSkills & Experience<\/b>
<\/b><\/p>

\u2022 <\/span><\/span>Exposure to compliance frameworks \u2014 Cyber Essentials,\nISO 27001 or PCI\-DSS \u2014 in a production context
<\/p>

\u2022 <\/span><\/span>Experience with additional cloud providers (Digital\nOcean, GCP) and database operations at scale (MySQL)
<\/p>

\u2022 <\/span><\/span>PHP exposure (Esyasoft's stack includes PHP services)
<\/p>

Key\nAttributes<\/b>
<\/b><\/p>

\u2022 <\/span><\/span>Pragmatic \u2014 picks the smallest change that solves the\nreal problem; values clarity over cleverness
<\/p>

\u2022 <\/span><\/span>Reliability\-minded \u2014 instinctively asks 'what does this\nlook like when it breaks?' before shipping
<\/p>

\u2022 <\/span><\/span>Clear communicator \u2014 writes runbooks, explains\nincidents and pushes back without drama
<\/p>


<\/p>

Use of Technologies<\/b>
<\/b><\/p><\/div>

Esyasoft operates primarily within\nthe cloud\-native ecosystem and includes the requirement to work as a competent\nuser of:<\/span>
<\/p>

\u2022 <\/span><\/span>AWS, Kubernetes, Docker
<\/p>

\u2022 <\/span><\/span>Terraform, Kustomize, FluxCD, Jenkins, Prometheus,\nGrafana, MySQL
<\/p>

\u2022 <\/span><\/span>Python, Bash, PHP \u2014 running on Rocky Linux / Amazon\nLinux
<\/p>


<\/p>

This role may also require\nflexibility to work with additional cloud providers (Digital Ocean, GCP) and\nthird\-party tools as the platform evolves.<\/span>
<\/p>


<\/div><\/span>