DevOps Engineer

We are looking for DevOps Engineer on behalf of our client to join to the leader from the payment sector.

Сlient: A project that provides payment transaction services;

Contract: B2B

Location: Remote from Poland

Description:

• The role will require managing and maintaining core AWS services including EC2, EKS, ECR, S3, KMS, VPC, SageMaker, and CloudWatch. Responsibilities include handling network configurations within AWS VPC, managing security groups, subnets, and transit gateways, and utilizing AWS CloudWatch to monitor and ensure system health and performance.
• A significant part of the role will involve implementing and managing Kafka clusters to ensure high availability and performance, using Kafka MirrorMaker for data replication and synchronization across data centers. Security duties include enabling TLS/SSL mutual authentication and channel encryption for Kafka communications.
• The role will require developing and maintaining Infrastructure as Code (IaC) using Terraform, creating and managing reusable Terraform modules for AWS resources. Additional responsibilities include managing containerized workloads using Kubernetes (EKS), implementing and troubleshooting service mesh solutions with Istio, and maintaining and optimizing image management within ECR.
• Configuring and managing CI/CD pipelines using tools like ArgoCD and Jenkins, and automating deployments to ensure efficient and error-free delivery of new features and updates are also part of the role. Monitoring solutions will be developed and configured using AWS CloudWatch and Datadog, with logging and alerting frameworks implemented and maintained to ensure system uptime and performance.
• Security and compliance are key aspects of this role. The role will require managing encryption and security keys using AWS KMS, ensuring compliance with security best practices to keep environments secure, and assisting in vulnerability management and remediation following internal policies and standards.
• Key projects and initiatives include enforcing mutual TLS (mTLS) between Kafka clients and brokers to ensure service communications are mutually authenticated and encrypted, logging full details of every request and response from external sources for perimeter auditing, and implementing Istio External Authorization Filter for user authorization. The role also involves ensuring all external services connect via the audited route and developing solutions for AuthZ services to ensure fine-grained permission policies and least privileged access.

Program/Project Overview:

• Provisioning of new cloud based infrastructure to support CMS platform convergence work that is currently underway.

Engagement Deliverable(s):

• Successful provisioning of new infrastructure to support the CMS platform convergence work that is currently underway. This will require the individuals to successfully support the design and implementation of a new set of AWS accounts an environments, with the deployment of networking and Kafka. This will need to be provisioned in a way that is fully automated and follows CI/CD best practice.

If you’re interested and meet the qualifications, please send your CV to Alina Pchelnikova at alina.pchelnikova@dcvtechnologies.co.uk