Containers / EKS Specialist

About The Position

Requirements

• EKS Architectural Mastery: Deep expertise in designing multi-tenant, highly available EKS environments at enterprise scale, including control plane architecture, compute strategies, and Kubernetes core governance (RBAC, Pod Security Standards).
• Advanced AWS Networking & CNI Strategy: Expert-level understanding of AWS VPC topologies, Transit Gateway, and the strategic selection/implementation of CNIs (AWS VPC CNI, Cilium, Calico) to solve complex IPAM, scaling, and performance challenges.
• Enterprise Security & IAM: Authoritative knowledge of AWS IAM integration with Kubernetes, specifically architecting IAM Roles for Service Accounts (IRSA), EKS Pod Identity, and AWS KMS encryption strategies.
• Traffic Management & Service Mesh: Proven experience architecting enterprise ingress patterns (AWS Load Balancer Controller, API Gateways) and designing Service Mesh architectures (Istio Ambient/Sidecar, Cilium Mesh) for zero-trust networking.
• IaC & Automation Governance: Advanced Terraform expertise, focusing on designing modular, scalable, and compliant IaC frameworks for EKS fleet management and foundational add-ons.

Nice To Haves

• Enterprise Consolidation Leadership: Proven track record of leading massive cluster consolidation programs, migrating sprawling multi-cluster environments into streamlined, cost-optimized architectures.
• FinOps & Compute Strategy: Deep experience with advanced AWS compute scaling and cost-optimization strategies, including Karpenter, Spot Instances, and Graviton (ARM) processors.
• Stateful Workloads & DR: Experience architecting AWS persistent storage (EBS/EFS CSI drivers) and enterprise disaster recovery frameworks (Velero backing up to Amazon S3).
• Platform Engineering & CI/CD: Experience designing scalable, containerized CI/CD runner infrastructure (e.g., GitHub Actions Runner Controller) directly on EKS to support developer platforms.

Responsibilities

• Lead Enterprise EKS Audit: Conduct a comprehensive architectural assessment of the current environment comprising 20+ disparate EKS clusters, analyzing workload distribution, compute utilization, and AWS security postures.
• Formulate Consolidation Roadmap: Architect a strategic consolidation plan to migrate workloads from legacy clusters into a streamlined, highly available, and cost-optimized multi-tenant EKS platform.
• Define CNI & Service Mesh Strategy: Serve as the technical authority to evaluate and resolve complex architectural decisions regarding Container Network Interfaces (e.g., AWS VPC CNI vs. Cilium) and Service Mesh implementations, optimizing for network performance, observability, and IPAM constraints.
• Architect the Golden Cluster Standard: Design and establish the standardized, production-ready "Golden Cluster" architecture. Develop the foundational Terraform frameworks to automate the deployment of the EKS control plane, VPC infrastructure, Karpenter/node groups, and core add-ons.
• Design Advanced Traffic & Storage Patterns: Architect a highly resilient ingress strategy utilizing the AWS Load Balancer Controller for secure external traffic routing, and establish enterprise patterns for persistent storage using EFS and EBS CSI drivers.
• Establish Zero-Trust Security Postures: Enforce strict least-privilege access by mandating EKS Pod Identity or IRSA across the platform. Architect secure cluster communications using Security Groups for Pods and strict Kubernetes Network Policies.
• Lead Architectural Validation: Define the scope and success criteria for pilot migrations. Oversee the end-to-end deployment and validation of representative Python microservice workloads to prove out the AWS architecture, ingress, and mesh capabilities.
• Define Cluster Lifecycle Frameworks: Establish enterprise governance for zero-downtime EKS version upgrades, AMI lifecycles, and create comprehensive architectural runbooks for platform operations teams.
• Architect Disaster Recovery: Design and integrate enterprise-grade backup, restore, and disaster recovery capabilities for cluster state and persistent volumes using Velero and Amazon S3.
• Design CI/CD Infrastructure: Partner with engineering leadership to architect and deploy dynamic, scalable CI/CD execution environments (e.g., GitHub Actions Runner Controller) directly on the EKS platform.

Benefits

• Upskill and discover your potential
• Solve complex challenges in cutting-edge areas of technology
• Work with disruptive innovators in a research-focused organization with 60+ patents filed
• Immerse yourself in breakthrough AI, ML, data, and cloud technologies
• Gain exposure working with Fortune 500 companies
• Work in a fun, diverse and hybrid work culture
• Ample opportunities to learn, grow and interact with colleagues from varied experience and backgrounds around the globe.