DevOps Engineer

We are looking for a skilled DevOps Engineer with hands- on experience in managing API gateways using OpenResty and Lua, implementing OIDC- based authentication, and deploying containerized applications using Helm into Kubernetes clusters (EKS/AKS). The ideal candidate should also have strong networking knowledge, cloud- native experience, and a solid grasp of modern DevOps practices.
Key Responsibilities:

Integrate Nginx with identity and access management (IAM) systems, including, OpenID Connect, and SAML.
Develop and enforce security policies ensuring robust pre- authentication for M2M and H2M communications.
Monitor, troubleshoot, and resolve Nginx- related issues, ensuring system reliability and performance.
Design, implement, and manage Nginx configurations to support M2M and H2M pre- authentication.
Document configurations, procedures, and system changes to maintain accurate records and facilitate knowledge sharing.
Work closely with security, DevOps, and application teams to ensure seamless integration and high security standards.
Manage deployments across AKS and EKS clusters in production and staging environments.
Stay current with the latest Nginx features, security updates, and industry best practices.
Build, containerize, and deploy authentication components using Docker and Helm.
Optimize Nginx settings for performance, security, and scalability.

Yêu cầu công việc

QUALIFICATIONS AND EXPERIENCE REQUIRED:
Experience:

3+ years of experience with Nginx, including extensive configuration and performance tuning.

Education:

Bachelor’s degree in computer science, Information Technology, or a related field.

Required Qualifications

In- depth understanding of pre- authentication techniques for both M2M and H2M communications.
Strong knowledge in Linux kernel Systems.
Experience with IAM systems such as OAuth2, OpenID Connect, and SAML.
Excellent analytical and problem- solving skills.
Strong scripting skills in languages such as Python, Bash, or similar.
Strong knowledge in containerized platforms (Docker/Podman)
Strong communication and collaboration abilities.

Preferred Qualifications

Networking & Protocols:
Experience with SSL/TLS, certificate management, and secure communication best practices.
Strong knowledge of HTTP/HTTPS, including headers, methods, caching, and status codes.
Deep understanding of networking fundamentals (IP, DNS, routing, firewalls, WAF).
Familiarity with reverse proxies, load balancing, and ingress traffic handling.
Containerization:
Experience with Docker for building, managing, and debugging containers.
Understanding of container best practices (e.g., multi- stage builds, image hardening).
Ability to write and optimize Dockerfiles for performance and security.
Knowledge of container networking, volumes, and logging.
Authentication & Authorization:
Working knowledge of JWTs, scopes, claims, and token validation.
Implementing and troubleshooting OIDC (OpenID Connect) integrations.
Implementing pre- authentication logic in front of internal applications.
Experience integrating with Azure EntraID or other identity providers.
OpenResty & Lua
Hands- on experience managing OpenResty (Nginx + LuaJIT) for custom reverse proxy setups.
Familiarity with Nginx internals and Lua phases in the HTTP request lifecycle.
Writing and maintaining Lua scripts for request handling, authentication, routing, and logging.
Kubernetes (AKS/EKS) & Helm
Writing, templating, and maintaining Helm charts for complex applications.
Cert- Manager, ExternalDNS
Knowledge of K8s primitives: Deployments, Services, Ingress, ConfigMaps, Secrets, RBAC.
Understanding of rolling deployments, health checks, and zero- downtime upgrades
CI/CD & Infrastructure Automation
Familiarity with CI/CD pipelines for deploying Helm charts and Docker images.
Scripting in Bash, Python, or similar for automation and tooling.
Exposure to Terraform, focused on Terraform Cloud

• Hybrid and flexible working environment with attractive benefits
• English- speaking environment where you will have opportunities to work on global projects and connect with experienced colleagues from around the world
• Join a dynamic and fast- growing global network, tackle great challenges with large- scale products, and work with modern technologies
• 15+ days of paid leave per year
• 13th- month salary bonus and annual performance bonus
• 100% offered salary and mandatory social insurances in 2- month probation
• Hybrid working model and good work- life balance
• Annual company trip and various team building activities and appreciation gifts
• Premium health insurance
• We embrace diversity! As an Equal Opportunity Employer, we value strength in diversity and prohibit discrimination in any form
• We support your development and are committed to advancing your career

Cập nhật gần nhất lúc: 2025-11-11 17:40:02