About Sternx
Sternx is redefining how modern businesses manage endpoints, enforce compliance, and automate IT infrastructure. Our cloud-native and hybrid solutions span UEM, device security, and compliance automation—serving customers across AWS, Azure, GCP, DigitalOcean, and on-premises environments.
As we scale rapidly, we’re looking for an experienced, security-minded, and automation-driven Senior DevOps / Platform Automation Engineer to join our core platform team.
Role Overview
As a Senior DevOps / Platform Automation Engineer at Sternx, you will own the end-to-end automation of infrastructure provisioning, secure deployments, CI/CD pipelines, and observability—across multi-cloud and on-prem customer environments.
You will design and implement repeatable, auditable, and secure deployment workflows, embed security scanning (SAST/DAST/SCA) into pipelines, and enable engineering teams to ship safely and fast. This role requires deep experience in Ansible-driven automation, cloud networking/security, container infrastructure (Docker/Kubernetes), and production-grade monitoring/logging.
Key Responsibilities
1) Automation & On-Prem Deployment Enablement
- Design and maintain automation frameworks to deploy Sternx services in customer on-prem environments (air-gapped/restricted networks/custom policies).
- Build and maintain Ansible playbooks/roles for provisioning, configuration, hardening, and lifecycle operations (install/upgrade/rollback).
- Create standardized deployment blueprints for various environments (cloud, hybrid, on-prem), including pre-flight checks, health checks, and post-deploy validation.
- Implement robust upgrade orchestration, rollback flows, and dependency management for distributed services.
2) CI/CD & GitHub-based Delivery
- Architect and maintain CI/CD pipelines using GitHub Actions (or equivalent) with strong release governance.
- Implement release strategies: blue/green, canary, staged rollout, and automated rollback triggers.
- Build internal tooling to streamline dev/staging/prod workflows, versioning, artifact publishing, and environment promotion.
3) DevSecOps & Security Automation (Mandatory)
- Embed SAST / DAST / SCA into CI/CD pipelines with gating policies and actionable reporting.
- Define and enforce secure SDLC controls: secrets management, dependency control, signed artifacts, and least-privilege access.
- Implement security best practices for infrastructure: IAM, TLS, network segmentation, bastion/VPN access, key rotation, and hardening baselines.
- Partner with engineering to define threat-aware deployment models for hybrid and endpoint-centric environments.
4) Observability & Reliability Engineering
- Build and operate monitoring/alerting: Prometheus, Grafana, plus endpoint/agent monitoring where needed.
- Operate logging/analytics using Elastic Stack (ELK) (or compatible pipeline) and define retention, indexing, and correlation standards.
- Improve platform reliability: SLO/SLI definition, incident response runbooks, postmortems, and capacity planning.
5) Container & Platform Infrastructure
- Design and maintain container platforms using Docker and Kubernetes (or lightweight options such as K3s where appropriate).
- Standardize deployment patterns (Helm/Kustomize if applicable), and manage cluster-level security and upgrade cycles.
- Maintain secure networking: DNS, reverse proxies, ingress, service discovery, and internal/external traffic policies.
Required Skills
- 5+ years in DevOps / SRE / Platform Engineering
- Strong Ansible automation experience (roles, inventories, hardening, lifecycle ops)
- Kubernetes & Docker (production deployments, security, upgrades)
- CI/CD & GitOps: GitHub Actions, ArgoCD
- Cloud platforms: AWS, GCP (Azure & DigitalOcean a plus)
- Monitoring & Logging: Prometheus, Grafana, Loki, ELK
- Scripting: Bash, Python (Go familiarity preferred)
- Strong understanding of networking, security, and microservices
- Fluent in English (written & spoken) with strong documentation skills
Nice to Have
- Experience with air-gapped deployments and artifact mirroring strategies.
- Experience with HashiCorp Vault (or equivalent secrets manager) and PKI automation.
- Experience with supply chain security: SBOM generation, signing (cosign), provenance (SLSA concepts).
- Familiarity with policy-as-code (OPA/Gatekeeper) and Kubernetes security tooling.