SYSTEM ENGINEER OPENSHIFT

UNION BANCAIRE PRIVEE, UBP SA
Geneva, Switzerland
5 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
CHF 208K

Job location

Geneva, Switzerland

Tech stack

IBM AIX
Unix
Databases
Continuous Availability
Continuous Integration
Database Theory
Disaster Recovery
Disk Arrays
DNS
NetBackup
OpenID
Openshift
Performance Tuning
Role-Based Access Control
Red Hat Enterprise Linux - RHEL
Azure
Prometheus
Security Assertion Markup Language (SAML)
Security Information and Event Management
Solaris (Operating System)
System Software
TCP/IP
Transmission Control Protocol (TCP)
Virtual Local Area Networks
Ceph
Data Logging
Load Balancing
Okta
Autoscaling
Istio
System Availability
Grafana
Kubernetes
Bare Metal
Veeam
Commvault
Artifactory

Job description

  • Adapt and optimize OpenShift clusters (filesystem management, access control, quotas, policies) on underlying Unix/Linux systems.
  • Install, migrate, and operate Unix/Linux environments according to our standards and processes.
  • Plan and manage system storage and related capacity (including persistence of OpenShift volumes).
  • Ensure security, resilience, and compliance across environments.
  • Participate in on-call rotations.

Challenges

  • Adapt to heterogeneous environments (AIX/Solaris/RHEL, virtualization) and existing processes.

  • Align Unix/Linux operations practices with container, Kubernetes, and OpenShift paradigms.Support application migrations to OpenShift with minimal impact, while meeting financial-sector security requirements., * Install, configure, and maintain Red Hat OpenShift clusters (IPI/UPI, bare metal/virtualized/cloud).

  • Mastery of Kubernetes/OpenShift concepts: projects, routes, services, deployments, statefulsets, operators, CRD, RBAC, SCC, NetworkPolicy.

  • OpenShift lifecycle management: controlled upgrades, patches, channels, image mirroring, oc CLI.

  • Security and compliance:

  • Configuration of RBAC, SCC, PSa/PSP equivalents, secrets, encryption.

  • OIDC/SAML integration with IdPs (e.g., Keycloak, Azure AD).

  • Policies and admission control (Gatekeeper/OPA), auditing, hardening.

  • OpenShift networking:

  • CNI (OpenShiftSDN/OVNK), ingress/egress, routes, load balancers, service mesh (Istio/Service Mesh).

  • Storage and persistence:

  • Provisioning PersistentVolume/PersistentVolumeClaim, StorageClasses, CSI drivers, NAS/SAN integration (NFS, Ceph, …).

  • Observability:

  • Logging and metrics (Cluster Logging, Loki/EFK, Prometheus/Grafana), alerting, SIEM integration.

  • CI/CD and images:

  • BuildConfigs/ImageStreams, registry management (Quay/Artifactory), image policies.

  • Operations and SRE:

  • Cluster and application backup/restore (Velero, etcd backup).

  • Capacity planning, autoscaling (HPA/VPA/Cluster Autoscaler), performance tuning.

  • Troubleshooting: pods, nodes, networking, storage, scheduling. Primary Responsibilities

  • Install and configure OpenShift components and RHEL and Unix OSes to host workloads.

  • Deploy, maintain, and upgrade OpenShift clusters and their operators.

  • Apply and test OS and platform patches; manage compliance and hardening.

  • Develop and implement security and management procedures (OS and OpenShift).

  • Update standard policies based on environmental changes and audit findings.

  • Improve system and cluster performance; propose optimization initiatives.

  • Identify, diagnose, and resolve system and platform incidents (L2/L3).

  • Plan, coordinate, and execute installation, testing, and maintenance of system software and OpenShift components.

  • Lead projects within approved timelines, including migrations to OpenShift and workload rationalization.

  • Analyze software and hardware environments to detect defects and risks; propose remediations.

  • Maintain up-to-date documentation: architecture, operator procedures, component inventory, runbooks.

  • Implement backup and recovery strategies (OS, etcd, applications) and validate their effectiveness.

  • Implement and test disaster recovery and business continuity (DR/BCP) procedures for OS and OpenShift.

  • Perform performance maintenance routines to ensure continuous availability.

Requirements

Do you have experience in TCP?, * Knowledge of major Unix/Linux distributions: IBM AIX, Red Hat Enterprise Linux (RHEL), Solaris.

  • Proven experience deploying and operating OpenShift or Kubernetes in production.

  • Understanding of storage and network technologies: memory, disk arrays, NAS/SAN, networking (TCP/IP, VLAN, load balancing).

  • Understanding of database concepts: maintenance, recovery, failover, high availability.

  • Understanding of routine maintenance, recovery, and handling failover of a Database

  • Familiarity with at least one enterprise backup solution (e.g., NetBackup, Commvault, Veeam)., * Years of experience: 3-7.

  • Financial sector: preferred.

  • Required experience:

  • Minimum 3 years as Unix/Linux systems administrator.

  • Proven experience deploying and operating OpenShift or Kubernetes in production.

  • Required knowledge:

  • OS: RHEL, OpenShift.Storage, memory, disk arrays, NAS/SAN, networking (DNS, TLS, firewalling)

  • Others Swiss Residence Core Competencies : Adherence to the company's values: Dedication, Conviction, Agility and Responsibility - Compliance with regulations and internal directives

Apply for this position