Principal Platform Engineer — Data Private Cloud (Kubernetes/OpenShift)

About The Position

Requirements

• 7+ years of Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
• 5+ years of hands-on experience with Kubernetes in production environments (OpenShift Container Platform strongly preferred)

Nice To Haves

• Experience in financial services or other highly regulated industries
• Experience with Kubernetes scheduling frameworks (YuniKorn, Volcano) for batch and AI workload optimization
• Contributions to open-source projects in the data or infrastructure
• Experience building and deploying applications with enterprise data sources
• Hands-on experience with transformer architectures and fine-tuning open-source models
• Professional certifications: CKA/CKAD, AWS/Azure/GCP Professional, Terraform Associate
• Experience with GitOps practices (ArgoCD, Flux)
• Background in platform product management or developer experience
• Expert-level Kubernetes knowledge: deployments, stateful workloads, operators, CRDs, RBAC, network policies, storage classes
• OpenShift Container Platform: Routes, SCCs, cluster administration, operator lifecycle management
• Infrastructure-as-code with Terraform (modules, state management, provider development)
• Container runtimes, image registries, and CI/CD pipeline integration
• Apache Spark: architecture, tuning, Spark on Kubernetes, dynamic resource allocation
• Distributed SQL engines (Trino, Presto) including federation and connector development
• Apache Airflow: DAG design, executor configurations, Kubernetes executor
• Data catalog and lineage tools (DataHub, Apache Atlas, or similar)
• Apache Ranger or equivalent fine-grained authorization frameworks
• Apache Iceberg or similar table formats; Hive Metastore operations
• AIOps tools: anomaly detection with Prophet, PyOD, or custom models; log analytics with OpenSearch ML
• Prometheus with recording rules, Grafana ML features, custom alerting models
• Enterprise identity integration: LDAP, Active Directory, SAML, OIDC
• Keycloak administration, realm configuration, and custom provider development
• PKI, certificate management, and TLS termination strategies
• Secrets management (HashiCorp Vault, Kubernetes secrets, external secrets operators)

Responsibilities

• Own the architecture of the enterprise data platform (OpenShift, Kubernetes, modern data stacks)
• Define platform standards for security, scalability, multi-tenancy, and operational excellence
• Lead decisions around compute orchestration (Spark on K8s, YuniKorn), query federation (Trino, Kyuubi), and metadata management (Gravitino, Hive Metastore)
• Design authentication/authorization (Keycloak, AD, Ranger)
• Shape infrastructure strategy and open-source deployment patterns
• Lead Terraform-based IaC and repeatable deployment practices
• Architect networking, ingress, and service mesh configurations
• Oversee PKI, SSL/TLS, and certificate lifecycle management
• Build monitoring and observability strategies (OpenSearch, Prometheus, Grafana)
• Ensure resilience through scheduling, quotas, and capacity planning
• Implement GitOps for declarative deployments
• Ensure compliance with regulatory requirements (OSFI, SOX, PCI-DSS)
• Implement multi-tenant isolation and robust security boundaries
• Lead security reviews, threat modeling, and remediation
• Partner with Security, Risk, and Compliance teams on audits and controls

Benefits

• Health benefits
• 401(k) Plan
• Paid time off
• Disability benefits
• Life insurance, critical illness insurance, and accident insurance
• Parental leave
• Critical caregiving leave
• Discounts and savings
• Commuter benefits
• Tuition reimbursement
• Scholarships for dependent children
• Adoption reimbursement