Senior DevOps Engineer

Role Summary: We’re hiring a Senior DevOps Engineer to own and continuously improve our CI/CD and developer enablement experience on an AWS-first, serverless platform. You’ll build reliable and secure deployment pipelines in GitHub Actions, improve automation testing workflows and reporting, strengthen observability and cost visibility, and provide pragmatic platform support (DNS/hosting) while maintaining a strong security posture (IAM, access controls, guardrails). About you: You should be a clear communicator who partners well with product engineers. You are automation-first, pragmatic, and metrics driven. You prefer paved roads over bespoke fixes – someone who is happy documenting decisions and patterns for re-use. Key Responsibilities: - CI/CD Ownership - Own end-to-end CI/CD pipelines and release workflows across service using GitHub actions - Drive improvement of pipeline speed, reliability, repeatability, and deployment safety (environmental promotion, approvals, rollback) - Build and maintain reusable pipeline components (shared workflows, actions, templates) to standardize delivery - Developer Experience & test automation enablement - Improve developer workflow efficiency through automation, self-service tooling, and documented “golden paths” - Partner with engineers to support and evolve automated testing, including test execution, reporting, and feedback loops - Reduce developer toil by eliminating manual steps and improving failure diagnostics (faster root cause, clearer logs) - Observability, metrics, and cost reporting - Own platform observability strategy for serverless workloads: logging, metrics, alerting, dashboards, and traces (where relevant) - Establish and maintain operational KPIs (pipeline health, deploy success, reliability, MTTR) - Deliver cost visibility and reporting (FinOps-style): trends, key drivers, optimization opportunities, and budgeting support - Platform support (as needed) - Provide support for website hosting patterns and operational needs (as applicable) - Own/assist with domain management and DNS changes (safe change process, documentation, access controls) - Platform security & IAM - Own and improve IAM configuration and access patterns (least privilege, role design, secure defaults) - Embed security controls into CI/CD (secrets handling, permissions, pipeline hardening, scanning where applicable) - Maintain security posture and guardrails across AWS (and the smaller Azure footprint where relevant) - Collaboration & operational intelligence - Participate in incident response and follow-through (postmortems, preventative actions) - Document standards, runbooks, and platform patterns; mentor engineers on best practices Qualifications  - Deep hands-on AWS experience, including security fundamentals (IAM, networking basics, logging/monitoring) - Strong CI/CD and release engineering experience, specifically GitHub actions - Strong Infrastructure-as-code experience (Terraform required, CloudFormation strongly preferred) - Practical experience supporting serverless systems in production (AWS Lambda + event-driven AWS services) - Experience with observability (dashboards, alerting, metrics/logging) and operational response - Ability to own and improve developer experience (tooling mindset, empathy for dev workflows, automation-first) - Strong scripting/automation skills (Bash + Python or Go) - Azure experience as above - AWS Certification/s (e.g. AWS Certified Solutions Architect) - Integration of Generative AI service (e.g. AWS Bedrock, OpenSearch, etc.) - Advanced observability practices (OpenTelemetry, tracing, SLO/SLI design) - Cost optimization experience in serverless environments (Lambda tuning, DynamoDB patterns, log volume control) - Security tooling in CI/CD (dependency scanning, SBOMs, artifact signing/provenance)