Senior Engineer - DevOps, Onsite

Bass Pro Shops is seeking a Senior DevOps Engineer to join our platform engineering team. This is a high-ownership, high-impact role at the center of how we build, ship, and operate software at scale. You will be responsible for managing and continuously improving software delivery across hundreds of CI/CD pipelines, operating a multi-regional Azure Kubernetes footprint, and ensuring our platform is secure, observable, and resilient.

You'll work across the full spectrum of platform engineering - from pipeline security scanning and GitOps delivery to distributed data infrastructure and global traffic management. If you want to own a platform that touches everything and has real engineering depth, this is the role., Software Delivery & Pipelines

• Own and maintain hundreds of GitHub Actions CI/CD pipelines across multiple teams and repositories
• Integrate and manage security scanning tooling (SAST, container image scanning, dependency scanning, secrets detection) across the full pipeline estate; enforce scan gates and triage findings at scale
• Implement and maintain GitOps workflows using FluxCD and/or ArgoCD; manage fleet-level configuration drift, reconciliation, and progressive delivery
• Package and version applications using Helm charts; maintain internal chart libraries and manage release workflows
• Drive improvements in build performance, deployment strategies (blue/green, canary, rolling), and rollback capabilities

Infrastructure & Kubernetes

• Manage and operate Azure Kubernetes Service (AKS) clusters across environments - including cluster lifecycle, RBAC, network policies, autoscaling, and workload placement
• Author and maintain Infrastructure as Code using Terraform - modules covering Azure networking (VNets, subnets, NSGs, private endpoints, peering), compute, storage, AKS, and managed services
• Manage container image build pipelines, Azure Container Registry (ACR), base image governance, and automated vulnerability scanning
• Manage secrets and sensitive configuration through Azure Key Vault; enforce least-privilege access across pipelines and services

Multi-Regional & Traffic Management

• Architect and operate multi-regional Azure footprints including cross-region failover, geo-replication, and latency-aware traffic design
• Configure and manage Akamai edge policies - CDN, WAF, DDoS mitigation, TLS offload, and API Gateway rules
• Implement and maintain Azure Traffic Manager for DNS-level global load balancing, health probing, and regional failover

Distributed Systems

• Design and operate Apache Kafka infrastructure - broker configuration, topic and partition management, consumer group tuning, schema governance, and multi-cluster replication
• Manage MongoDB deployments (replica sets, sharding, backup/restore strategies) on Kubernetes and/or Azure-managed equivalents
• Support Redis deployments - clustering, eviction policies, persistence, and high availability configuration, * Build and maintain observability pipelines using the Elastic Stack and OpenTelemetry - log aggregation, distributed tracing, and metrics from infrastructure through application layers
• Support and enforce security and compliance postures aligned with PCI DSS and CIS Benchmark standards at the infrastructure, Kubernetes, and pipeline layers
• Participate in on-call rotations and incident response; conduct post-mortems and drive reliability improvements, Performs duties within scope of general company policies, procedures, and objectives. Analyzes problems and performs needs assessments. Uses judgment in adapting broad guidelines to achieve desired result. Regular exercise of independent judgment within accepted practices. Makes recommendations that affect policies, procedures, and practices.

• 5-8 years of experience in a DevOps, platform engineering, or site reliability role
• Proven experience managing and securing CI/CD pipelines at scale (100+ pipelines) using GitHub Actions, including integration of security scanning tools (Trivy, Dependabot, or equivalent)
• Deep hands-on experience with AKS and Kubernetes - RBAC, network policies, resource management, cluster upgrades, and multi-environment operations
• Strong Terraform skills - module authoring, state management, workspace strategy, and Azure resource coverage
• Production experience with FluxCD or ArgoCD in a GitOps delivery model
• Proficiency with Helm - authoring charts, managing dependencies, and release workflows
• Solid understanding of Azure networking - VNets, NSGs, route tables, private endpoints, DNS, and peering
• Experience with Azure Key Vault and secrets management patterns across pipelines and workloads
• Hands-on experience with Elastic Stack and OpenTelemetry for observability
• Proficiency in Linux administration and scripting - Bash, Shell, and Python
• Working knowledge of PCI DSS and CIS Benchmark hardening standards applied to cloud and container environments
• Experience with multi-regional Azure architectures and global traffic routing patterns
• Hands-on experience with Apache Kafka, MongoDB, and Redis in production environments

Preferred Qualifications

• Experience with Akamai edge platform - property configuration, WAF policies, and API Gateway
• Experience with Azure Traffic Manager and/or Azure Front Door for global load balancing and failover
• Familiarity with Azure Policy, Microsoft Defender for Cloud, or cloud security posture management tooling
• Experience with service mesh technologies (Istio, Linkerd)
• Kafka multi-cluster replication and consumer lag monitoring at scale
• Azure certifications (AZ-104, AZ-400, CKA/CKAD)

Enjoy discounts on retail merchandise, our restaurants, world-class resorts and conservation attractions!

• Medical
• Dental
• Vision
• Health Savings Account
• Flexible Spending Account
• Voluntary benefits
• 401k Retirement Savings
• Paid holidays
• Paid vacation
• Paid sick time
• Bass Pro Cares Fund
• And more!

Bass Pro Shops is an equal opportunity employer. Hiring decisions are administered without regard to race, color, creed, religion, sex, pregnancy, sexual orientation, gender identity, age, national origin, ancestry, citizenship status, disability, veteran status, genetic information, or any other basis protected by applicable federal, state or local law.

Reasonable Accommodations

Qualified individuals with known disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and certain state or local laws. If you need a reasonable accommodation for any part of the application process, please visit your nearest location or contact us at hrcompliance@basspro.com. Bass Pro Shops