Platform & Security Engineer

We are looking for a mid-level to senior Platform & Security Engineer to design, build, and operate a secure, scalable enterprise Data Private Cloud (DPC) platform. This hybrid role combines platform engineering (OpenShift/Kubernetes and data services), security engineering, and automation. You will develop platform capabilities, embed security into the SDLC, and collaborate across teams to enable secure-by-default data services at scale. Responsibilities Platform Engineering

• Design and implement automated workflows for provisioning, deploying, and operating data services on Kubernetes/OpenShift.
• Build and maintain platform capabilities supporting components such as Spark, Iceberg, Ranger, Sparkflow, Superset, and related ecosystem tools.
• Contribute to resilient, scalable architectures for containerized workloads and high-volume data processing pipelines.
• Improve platform reliability through automation, standard operating procedures, and SRE best practices.

Security Engineering & SecOps

• Develop security automation enforcing access control, encryption, masking, and data protection across the platform.
• Integrate security into CI/CD pipelines, infrastructure-as-code, and SDLC workflows.
• Support security monitoring and compliance through:

• Policy and control management
• Evidence collection and continuous compliance workflows
• Audit logging, alerting, and security dashboards

• Partner with security, platform, and DevOps teams to strengthen incident response, operational resilience, and risk reduction.

Hands-On Development & Collaboration

• Design, develop, test, and document Python-based services and automation for platform operations and compliance.
• Work closely with architects, platform/DevOps engineers, and data product teams to deliver end-to-end solutions.
• Participate in design reviews, threat modeling sessions, and architecture discussions to support secure deployment patterns.

Minimum Qualifications (5+ years experience) Core Skills

• Strong Python programming skills for automation and service development in enterprise environments.
• Solid understanding of security fundamentals (least privilege, defense-in-depth, secure SDLC) and compliance concepts.
• Experience building or operating systems in Kubernetes or OpenShift environments.
• Hands-on experience with CI/CD pipelines and embedded security controls.
• Excellent communication skills and ability to work across engineering and security teams.

Technical Background

• Familiarity with access control, encryption, tokenization/masking, and secrets management.
• Understanding of DevOps practices including automated testing, release automation, environment promotion, and operational support.
• Exposure to data platform concepts (data services, governance, metadata, batch/stream processing).

Preferred Qualifications

• Experience with open-source data ecosystem components such as Ranger, Keycloak, Spark, Iceberg, and DataHub.
• Knowledge of S3-compatible object storage and distributed data processing patterns.
• Familiarity with observability tooling (logs, metrics, tracing), security telemetry, and operational dashboards.
• Experience with incident response, root-cause analysis, and operational resilience improvements.
• Exposure to API design and/or UI development (e.g., React.js) for operational and administrative tools.

Success Criteria

• Automated workflows that simplify deployment and operations for data services on OpenShift/Kubernetes.
• Security controls that are embedded, automated, and enforce least privilege, auditability, and compliance.
• Improved platform reliability and reduced operational overhead through standardization and automation.
• Strong alignment and collaboration across platform engineering, data teams, and security stakeholders.