Principal Software Engineer - DevOps
The Senior DevOps Engineer works\nwith the team to lift the visibility, reliability, and security of the\nplatforms that serve our clients and end\-users globally. We are a focused team\nso your judgment materially shapes how the platform runs.<\/span> The role owns:<\/span><\/b> \u2022 <\/span><\/span><\/span>Reliability and uptime of Esyasoft's production estate\non AWS and Kubernetes \u2022 <\/span><\/span><\/span>CI/CD pipeline ownership \u2014 finalizing the move to full\nautomation via GitOps \u2022 <\/span><\/span><\/span>Observability, security and compliance posture across\nthe platform \u2022 <\/span><\/span><\/span>On\-call coverage and incident response as part of a\npaid weekly rotation Key Responsibilities & Areas of Ownership<\/b> A. Cloud\nInfrastructure and Platform Operations<\/b> \u2022 <\/span><\/span><\/span>Own day\-to\-day reliability of Esyasoft's production\nestate on AWS and Kubernetes, including incident triage and remediation \u2022 <\/span><\/span><\/span>Operate and harden the Linux server fleet (Rocky Linux,\nAmazon Linux) and supporting database layers \u2022 <\/span><\/span><\/span>Manage cloud cost and capacity in partnership with\nengineering \u2014 right\-size, decommission and forecast B. CI/CD\nand Infrastructure as Code<\/b> \u2022 <\/span><\/span><\/span>Finalise the transition to a fully automated CI/CD\npipeline (Jenkins to GitOps via FluxCD) \u2022 <\/span><\/span><\/span>Maintain and extend Infrastructure as Code using\nTerraform and Kustomize \u2022 <\/span><\/span><\/span>Curate the developer experience so engineers can ship\nsafely, quickly, and with minimal friction<\/b> C.\nObservability, Monitoring and Incident Response<\/b> \u2022 <\/span><\/span><\/span>Evolve the monitoring stack (Prometheus, Grafana) \u2014\ndashboards, alerts and SLOs that earn their keep \u2022 <\/span><\/span><\/span>Lead incident response during your rotation; drive\nblameless post\-mortems and follow\-through actions \u2022 <\/span><\/span><\/span>Participate in the weekly paid on\-call rotation to\nmaintain service levels for Esyasoft's users D.\nSecurity and Compliance<\/b><\/span><\/span> \u2022 <\/span><\/span><\/span>Maintain Esyasoft's posture against Cyber Essentials,\nISO 27001 and PCI\-DSS \u2022 <\/span><\/span><\/span>Embed secure\-by\-default patterns in CI/CD, IaC,\ncontainer images and Kubernetes manifests; partner on access reviews and\nsecrets management E.\nEngineering Practice and Team Contribution<\/b><\/span><\/span> \u2022 <\/span><\/span><\/span>Mentor peers and product engineers on infrastructure,\ndeployment and reliability practice \u2022 <\/span><\/span><\/span>Contribute to architectural decisions across the wider\nengineering team F.\nTooling and Continuous Improvement<\/b><\/span><\/span> \u2022 <\/span><\/span><\/span>Evaluate emerging tools and patterns responsibly \u2014\nprove value, then adopt; keep what we have working hard before reaching for the\nnew \u2022 <\/span><\/span><\/span>Curate documentation and runbooks so platform knowledge\nis shared across the team, not siloed Required\nSkills & Experience<\/b> \u2022 <\/span><\/span>Proven track record running production workloads on\nAWS, with hands\-on experience operating Kubernetes in production (not just\ndeploying to it) \u2022 <\/span><\/span>Strong foundations in core systems \u2014 Linux, HTTP,\nnetworking, Bash and a scripting language (Python preferred) \u2022 <\/span><\/span>Practical experience with Infrastructure as Code\n(Terraform preferred), GitOps tooling and CI/CD pipelines end\-to\-end \u2022 <\/span><\/span>Comfort participating in an on\-call rotation and\nleading incident response, including blameless post\-mortems Desirable\nSkills & Experience<\/b> \u2022 <\/span><\/span>Exposure to compliance frameworks \u2014 Cyber Essentials,\nISO 27001 or PCI\-DSS \u2014 in a production context \u2022 <\/span><\/span>Experience with additional cloud providers (Digital\nOcean, GCP) and database operations at scale (MySQL) \u2022 <\/span><\/span>PHP exposure (Esyasoft's stack includes PHP services) Key\nAttributes<\/b> \u2022 <\/span><\/span>Pragmatic \u2014 picks the smallest change that solves the\nreal problem; values clarity over cleverness \u2022 <\/span><\/span>Reliability\-minded \u2014 instinctively asks 'what does this\nlook like when it breaks?' before shipping \u2022 <\/span><\/span>Clear communicator \u2014 writes runbooks, explains\nincidents and pushes back without drama Use of Technologies<\/b> Esyasoft operates primarily within\nthe cloud\-native ecosystem and includes the requirement to work as a competent\nuser of:<\/span> \u2022 <\/span><\/span>AWS, Kubernetes, Docker \u2022 <\/span><\/span>Terraform, Kustomize, FluxCD, Jenkins, Prometheus,\nGrafana, MySQL \u2022 <\/span><\/span>Python, Bash, PHP \u2014 running on Rocky Linux / Amazon\nLinux This role may also require\nflexibility to work with additional cloud providers (Digital Ocean, GCP) and\nthird\-party tools as the platform evolves.<\/span>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/b><\/p><\/div>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/b><\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/div><\/span>Requirements<\/h3>
<\/b><\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/b><\/p>
<\/p>
<\/p>
<\/p>
<\/b><\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/b><\/p><\/div>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/p>
<\/div><\/span>