Sr Kubernetes Engineer

• Design, deploy, and operate GKE clusters, including private clusters with Shielded Nodes, Workload Identity, CMEK encryption, and custom node service accounts
• Implement and enforce Policy Controller (Gatekeeper) constraints (e.g., no-public-IP, require-CMEK, enforce labeling and private networking)
• Build and maintain Kubernetes RBAC frameworks aligned with enterprise IAM strategies
• Develop and enforce GitOps workflows using Config Sync across clusters
• Create and manage Helm charts and Kustomize overlays for consistent configuration delivery
• Partner with platform, security, and application teams to enable reliable Kubernetes workloads
• Provide subject matter expertise on Kubernetes, GKE, and cloud-native architectures
• Collaborate with DevOps and CI/CD teams on GitHub Actions and ARC runner implementations
• Work cross-functionally to integrate Kubernetes with GCP services (IAM, Secret Manager, KMS, Artifact Registry)

Analysis & Configuration

• Configure and manage Config Connector (KCC), including namespace isolation and project-level resource management
• Operate Config Sync with RootSync/RepoSync configurations across multiple clusters
• Implement External Secrets Operator (ESO) for secure secret management integration
• Optimize node pools through machine type selection, autoscaling, taints/tolerations, and upgrade strategies
• Design and configure networking policies using Calico/Cilium and GKE Dataplane V2

Operational Support

• Monitor cluster health using Prometheus, Grafana, and Cloud Monitoring
• Troubleshoot Kubernetes issues including pod failures, scheduling conflicts, networking, DNS, and storage
• Perform cluster upgrades (control plane and node pools) with zero-downtime strategies
• Manage GKE Fleet membership, Binary Authorization policies, and security bulletin responses
• Ensure platform reliability, performance, and adherence to enterprise SLAs

Mentorship & Training

• Mentor junior engineers on Kubernetes best practices and troubleshooting techniques
• Provide guidance on GitOps, Helm, and Kustomize usage
• Develop documentation, operational playbooks, and knowledge-sharing sessions
• Support teams in adopting secure and scalable Kubernetes patterns

Innovation and Research

• Evaluate emerging Kubernetes tools, features, and GCP capabilities
• Explore improvements in workload scheduling, autoscaling, and cluster efficiency
• Drive adoption of advanced capabilities such as Binary Authorization and image signing
• Stay current with Kubernetes ecosystem advancements and industry best practices

Strategic Planning

• Contribute to long-term platform architecture and multi-cluster strategy
• Assess GKE Autopilot vs. Standard trade-offs for different workloads
• Define roadmap improvements for scalability, cost optimization, and security posture
• Align Kubernetes platform initiatives with broader organizational technology goals, Hays is committed to building a thriving culture of diversity that embraces people with different backgrounds, perspectives, and experiences. We believe that the more inclusive we are, the better we serve our candidates, clients, and employees. We are an equal employment opportunity employer, and we comply with all applicable laws prohibiting discrimination based on race, color, creed, sex (including pregnancy, sexual orientation, or gender identity), age, national origin or ancestry, physical or mental disability, veteran status, marital status, genetic information, HIV-positive status, as well as any other characteristic protected by federal, state, or local law. One of Hays' guiding principles is 'do the right thing'. We also believe that actions speak louder than words. In that regard, we train our staff on ensuring inclusivity throughout the entire recruitment process and counsel our clients on these principles. If you have any questions about Hays or any of our processes, please contact us.

In accordance with applicable federal, state, and local law protecting qualified individuals with known disabilities, Hays will attempt to reasonably accommodate those individuals unless doing so would create an undue hardship on the company. Any qualified applicant or consultant with a disability who requires an accommodation in order to perform the essential functions of the job should call or text 813.336.5570.

• You are a highly experienced Kubernetes Engineer with deep expertise in Google Kubernetes Engine (GKE) and enterprise-grade platform operations. You thrive in designing, deploying, and managing secure, scalable, and highly reliable multi-cluster environments. You bring a strong understanding of Kubernetes internals and cloud-native principles, along with hands-on experience in GitOps, policy enforcement, and CI/CD automation.

You are detail-oriented, proactive in problem-solving, and capable of collaborating across teams to ensure platform stability, security, and performance. You are passionate about continuous improvement, automation, and staying at the forefront of Kubernetes and GCP innovations., * 5-7 years of experience in Kubernetes engineering

• 3+ years of hands-on experience with Google Kubernetes Engine (GKE)
• Deep expertise in GKE features including private clusters, Workload Identity, Config Sync, Policy Controller, and Fleet management
• Strong understanding of Kubernetes internals (API server, etcd, scheduler, kubelet, kube-proxy, CNI)
• Experience with Config Connector (KCC) or Kubernetes-native GCP resource management
• Hands-on experience with Actions Runner Controller (ARC) in Kubernetes
• Proficiency in External Secrets Operator (ESO) configuration and operation
• Experience with Helm, Kustomize, and GitOps workflows
• Strong knowledge of Kubernetes networking, security, and RBAC
• Experience with monitoring tools such as Prometheus, Grafana, and Cloud Monitoring
• Proven troubleshooting and operational excellence in production environments
• Bachelor's degree in Computer Science, Engineering, Information Technology, or a related field OR equivalent practical experience may be considered in lieu of formal education
• Advanced certifications in Kubernetes or cloud platforms (GCP) are highly desirable
• Experience with Binary Authorization and container image signing
• Familiarity with GKE Autopilot and Standard mode trade-offs
• Experience managing Windows or specialized node pools (e.g., Android/iOS runners)
• Kubernetes operator development experience (Go, controller-runtime)
• Relevant certifications such as CKA or CKAD

The final salary or hourly wage, as applicable, paid to each candidate/applicant for this position is ultimately dependent on a variety of factors, including, but not limited to, the candidate's/applicant's qualifications, skills, and level of experience as well as the geographical location of the position., This position is a contract/temporary role where Hays offers you the opportunity to enroll in full medical benefits, dental benefits, vision benefits, 401K and Life Insurance ($20,000 benefit).