DevOps Engineer

DevOps Engineer

Samana Group is seeking a hands-on DevOps Engineer with 5+ years of experience to own the infrastructure, CI/CD pipelines, and cloud operations across our multi-cloud technology stack. The role sits at the intersection of software delivery and platform reliability — you will drive automation, orchestrate containerized workloads on EKS/AKS/GKE, and ensure the stability of integrations spanning AWS, Azure, and GCP.

CI/CD Pipeline Engineering

•      Design, build, and maintain end-to-end CI/CD pipelines using GitHub Actions, Jenkins, and GitLab CI for microservices and containerized applications

•      Implement automated build, test, and deployment workflows with quality gates, approval stages, and automated rollback mechanisms

•      Build and maintain reusable pipeline templates and shared libraries to standardize deployments across all teams

•      Manage branching strategies and GitOps workflows using Argo CD — trunk-based development, feature flags, and environment promotion pipelines

•      Implement Blue/Green, Canary, and Rolling deployment strategies across EKS clusters

•      Manage container image tagging, versioning, and promotion strategies across ECR

•      Automate environment provisioning and teardown for ephemeral dev and QA environments

•      Inject secrets into pipelines securely using AWS Secrets Manager, Azure Key Vault, and GCP Secret Manager

•      Track and improve metrics — deployment frequency, lead time, change failure rate, and MTTR

AWS EKS & Kubernetes Operations

•      Provision, configure, and manage AWS EKS clusters — managed node groups and cluster

•      Manage Kubernetes workloads — Deployments, StatefulSets, DaemonSets, CronJobs, ConfigMaps, and Secrets across namespaces

•      Design and maintain Helm charts for packaging and deploying NestJS, Node.js, Next.js, React, and Python FastAPI applications

•      Configure EKS networking — VPC CNI, CoreDNS, ALB Ingress Controller, and service mesh (Istio/Linkerd)

•      Implement HPA, VPA, and Cluster Autoscaler for dynamic workload scaling based on traffic and resource demand

•      Manage EKS upgrades — control plane, node group, and add-on version management with zero-downtime strategies

•      Manage ECR repositories — image lifecycle policies, vulnerability scanning, and cross-account access

•      Troubleshoot pod failures, OOMKilled events, CrashLoopBackOff issues, and node-level resource exhaustion

•      Implement IAM Roles for Service Accounts (IRSA) to enforce least-privilege pod-level access to AWS services

•      Also manage AKS (Azure) and GKE (GCP) clusters ensuring consistent deployment standards across all cloud providers

Cloud Operations

•      Manage and optimize core AWS services — EC2, Lambda, S3, RDS Aurora (PostgreSQL/MySQL), VPC, API Gateway, CloudFront, Route 53

•      Design and maintain serverless architectures using AWS Lambda, SNS, SQS, and API Gateway for event-driven workloads

•      Configure S3 Cross-Region Replication (CRR) and AWS Backup policies for disaster recovery and data durability

•      Manage AWS Amplify deployments for frontend applications and integrate with CI/CD pipelines

•      Support AWS SageMaker AI infrastructure provisioning and model deployment pipelines

•      Maintain IAM policies, roles, and permission boundaries following least-privilege principles

•      Manage CloudFormation stacks for infrastructure provisioning and drift detection

•      Manage GCP workloads — Cloud Run, Compute Engine, GKE, Cloud SQL (PostgreSQL), and Cloud Storage

•      Build and maintain Cloud Build pipelines and Artifact Registry for containerized application delivery

•      Configure Cloud Armor, Cloud Load Balancing, and VPC security policies for production workloads

•      Manage Google Identity and Google Maps Platform API integrations and infrastructure

•      Maintain GCP Secret Manager and enforce secrets rotation policies across services

Infrastructure as Code & Automation

•      Write and maintain Terraform modules for EKS, AKS, GKE clusters, VPCs, IAM roles, and supporting multi-cloud infrastructure

•      Manage Terraform state with remote backends (S3 + DynamoDB), workspace strategies, and state locking

•      Maintain AWS CloudFormation stacks for AWS-native provisioning and stack drift remediation

•      Automate Kubernetes manifest generation using Kustomize and Helm values for environment-specific configuration

•      Write Bash and PowerShell automation scripts for operational tasks, scheduled jobs, and configuration management

•      Implement infrastructure drift detection and automated remediation workflows

Database Infrastructure

•      Manage and maintain Aurora PostgreSQL and Aurora MySQL clusters — parameter groups, backups, failover, and read replicas

•      Oversee Amazon RDS instances, Cloud SQL (PostgreSQL) on GCP, and SQL Server environments

•      Configure database connectivity, JDBC/ODBC settings, and VPC-level access controls

•      Implement automated backup schedules, point-in-time recovery, and cross-region snapshot replication

•      Monitor database performance metrics — query latency, connection pooling, and storage thresholds

Application Stack & Middleware

•      Support deployment and operations of NestJS, Node.js, Next.js, React, and Python FastAPI applications on Kubernetes

•      Manage self-hosted n8n workflow automation platform — deployment, upgrades, and operational reliability

•      Maintain integration platform operations — container log management, connector health, and runtime upgrades

•      Collaborate with development teams on Dockerizing applications, optimizing container images, and multi-stage build strategies

Monitoring & Observability

•      Deploy and manage cluster-level monitoring using Prometheus, Grafana, and AWS CloudWatch Container Insights

•      Implement centralized log aggregation from EKS/AKS/GKE workloads using Fluent Bit, CloudWatch Logs, or ELK stack

•      Configure distributed tracing across microservices using AWS X-Ray or OpenTelemetry

•      Set up alerting for pod restarts, deployment failures, node pressure, and database connectivity issues

•      Build dashboards tracking infrastructure health, deployment frequency, and incident response SLAs

•      Perform real-time packet analysis using tcpdump and Wireshark to diagnose network-level failures

•      Lead incident response — triage, root-cause analysis, resolution, and post-mortem documentation

•      Maintain runbooks and operational playbooks for all critical systems

Security & Compliance

•      Manage SSL/TLS certificates — issuance, renewal, and deployment across all cloud endpoints

•      Implement Kubernetes Pod Security Standards and OPA/Gatekeeper policies for workload governance

•      Enforce network policies to control pod-to-pod and pod-to-external traffic across all clusters

•      Integrate image vulnerability scanning (Trivy, ECR scanning) into CI/CD pipelines and block non-compliant images

•      Manage secrets rotation using AWS Secrets Manager, Azure Key Vault, and GCP Secret Manager

•      Conduct regular IAM access reviews and enforce least-privilege across AWS, Azure, and GCP

•      Bachelor’s degree in Computer Science, Information Technology, or related field

•      5+ years of hands-on DevOps / Cloud Infrastructure experience in a production environment

•      Experience managing multi-cloud environments — AWS, Azure, and GCP simultaneously

•      Proven track record managing Kubernetes in production at scale (EKS, AKS, or GKE)

•      Experience building and maintaining CI/CD pipelines for microservices-based architecture