Skip to main content
SponsorJobs

Infrastructure Engineer

Greater Glasgow Area Contract Posted 1 week ago

Platform engineer

Glasgow Onsite (5 days onsite)



Required Skill


  • s
    BS/MS degree in Computer Science, related technical field, or equivalent with 8+ years of industry experien
  • ce5+ years hands-on experience with Envoy Proxy (xDS/ADS, ext_authz, HTTP/2, gRPC, WebSocket) and/or Kong API Gateway (plugin development, DB-less mode, Admin AP
  • I)Strong Go development skills - control-plane services, gRPC APIs, Kubernetes controllers (client-go), concurrency patter
  • nsProduction Kubernetes experience (EKS and/or on-prem clusters) - Helm charts, HPA, PodDisruptionBudgets, NetworkPolicy, namespace isolation, ArgoCD GitO
  • psDeep understanding of OAuth 2.0 / OIDC / PKCE flows, DPoP sender-constrained tokens, mTLS, and session management patter
  • nsExperience with OPA (Open Policy Agent) policy authoring in Rego and sidecar deployment patter
  • nsHands-on with OpenTelemetry (traces, metrics, logs), Dynatrace, and Splunk SIEM integrati
  • onWorking knowledge of CDN/WAF platforms (Akamai Ion, Kona, Cloudflare) and WAF-as-code automati
  • onExperience with PostgreSQL (HA, connection pooling, PITR) and Kafka (MSK, Schema Registry, DLQ pattern
  • s)Familiarity with DNS steering (GeoDNS, Akamai GTM, health-check routing) and TLS certificate lifecycle (cert-manager, HSM/KM
  • S)Strong CS fundamentals - networking (L3-L7), distributed systems, data structures & algorith
  • msExperience building high-volume, low-latency, resilient infrastructure servic


es
Nice to ha

  • ve:TypeScript/React experience for operator dashboard developm
  • entAWS infrastructure experience (EKS, MSK, Lambda, Direct Connect, Network Firewa
  • ll)Bitbucket Pipelines CI/CD and GitOps delivery workfl
  • owsExperience with CAEP (Continuous Access Evaluation Protocol) or similar session revocation mechani
  • smsBackground in identity platforms (ForgeRock, SAML federation, token exchange patter



ns)

Job Descri


ption
Day-to-day responsibil

  • ities:Design, build and operate Envoy and Kong gateway infrastructure serving production traffic across multiple lines of bu
  • sinessDevelop Go-based control-plane services - Ingress Registry, xDS controllers, Session Manager, Context Prop
  • agatorImplement and maintain OPA policy bundles for coarse-grained authorization at the gateway
  • layerBuild and extend OpenTelemetry instrumentation pipelines (OTel Collector, Dynatrace OTLP ingest, Splunk SIEM forwa
  • rding)Manage GitOps-driven deployments via ArgoCD and Helm across multi-cluster Kubernetes enviro
  • nmentsAutomate WAF rule management across Akamai and Cloudflare using WAF-as-code pa
  • tternsContribute to the platform operator console (TypeScript/React) for route management, drift detection, and session visi
  • bilityCollaborate with LOB teams to onboard routes and migrate traffic from legacy ingress infrastr
  • uctureParticipate in incident response, runbook development, and production readiness r
  • eviewsChampion software engineering best practices - code review, testing, documentation, and observability-first


design