Senior DevOps Engineer
Engineering | Pune, India (Hybrid) | Full-Time
Mission-Critical Core Banking Platform
We are seeking a Senior DevOps Engineer to join a high-performing platform team building and operating a mission-critical, low-latency core banking application. You will be a key contributor to a cloud-native platform that is deployed first on Microsoft Azure, with roadmap targets extending to Red Hat OpenShift, AWS, and Google Cloud Infrastructure (GCI). This role demands deep hands-on expertise across the full DevOps spectrum — from infrastructure automation and CI/CD pipeline ownership to container orchestration, secrets management, and developer enablement.
You will work alongside Software Engineering, Quality Engineering, and Platform/SRE teams to ensure every release is secure, repeatable, observable, and operationally excellent. If you thrive in regulated, high-availability environments and have a passion for automation-first engineering, this role is for you.
Location: Pune, India
Work Model: Hybrid — on-site on designated days; remote-eligible on other days per team and business needs
Work Experience: 7+ years of relevant experience
1) CI/CD Pipeline Ownership
Design, build, and maintain robust CI/CD pipelines using Jenkins and Gradle to support developer productivity and automated quality gates across dev, test, staging, and production environments.
Manage container image builds, versioning strategies, and publishing workflows to Nexus artifact repositories; enforce image scanning and dependency hygiene.
Own end-to-end pipeline reliability: fast feedback loops, deterministic builds, and clear failure diagnostics for development teams.
2) Kubernetes & Cloud-Native Platform Engineering
Administer and evolve Kubernetes clusters on Azure (AKS), ensuring high availability, auto-scaling, and operational reliability aligned with SLOs.
Extend the platform to OpenShift, AWS, and GCI as the multi-cloud roadmap progresses; maintain environment parity across targets.
Implement and maintain GitOps-based deployment workflows; manage configuration-as-code using Carvel toolchain components (ytt, kapp-controller, imgpkg, vendir).
Manage Kubernetes-native packaging and release workflows; enforce deployment standards across all environments.
3) Infrastructure Automation
Own and evolve Ansible playbooks and roles for environment provisioning, configuration management, and platform component lifecycle management.
Ensure secure, repeatable, and auditable provisioning across dev/test/stage/prod; treat infrastructure-as-code as a first-class deliverable.
Build and maintain automation for platform component upgrades, patching cycles, and environment refresh workflows.
4) Secrets & Certificate Management
Operate and extend External Secrets Operator (ESO) integrations with vaults and cloud-native secret stores to enforce zero-trust secret handling across all environments.
Manage TLS certificate lifecycles: issuance, rotation, expiry monitoring, and automated renewal using cert-manager or equivalent tooling.
Ensure no secrets, credentials, PCI data, or PII are embedded in code, pipelines, or container images; enforce policy-as-code controls.
5) Messaging & Data Infrastructure
Support operational management and observability of NATS messaging clusters: configuration, topic management, monitoring, and failure recovery.
Assist with PostgreSQL database infrastructure: provisioning, backup/recovery validation, connection pooling, and performance monitoring in Kubernetes-native deployments.
Collaborate with application teams to ensure messaging and data infrastructure SLOs are met and operationalized with runbooks.
6) Test Orchestration & Quality Infrastructure
Implement and maintain Testkube for Kubernetes-native test orchestration; integrate automated test execution into CI pipelines as a quality gate.
Drive security and compliance testing as part of CI/CD: SAST, DAST, container vulnerability scanning, and dependency analysis.
Maintain test environment infrastructure: provisioning, data seeding, isolation, and teardown automation.
7) Developer Enablement & Observability
Serve as a force multiplier for development teams: reduce friction in the build-test-deploy cycle, document platform patterns, and provide self-service tooling where possible.
Build and maintain observability infrastructure: logging pipelines, metrics collection, distributed tracing, and alerting for platform and application services.
Contribute to runbooks, on-call playbooks, and incident response processes; participate in on-call rotation as the platform matures.
in DevOps, Platform Engineering, or Site Reliability Engineering roles; experience with regulated or high-availability environments strongly preferred.
— hands-on cluster administration (AKS or equivalent); deep understanding of workload scheduling, networking (CNI, ingress, service mesh), RBAC, and storage.
— Jenkins pipeline authoring (declarative and scripted); Gradle build tooling for Java/JVM projects; artifact lifecycle management with Nexus.
— writing and maintaining playbooks, roles, and inventories for infrastructure automation and configuration management.
— practical experience with ytt (templating), kapp-controller (GitOps), imgpkg (bundle packaging), and related tools.
— Dockerfile authoring, multi-stage builds, image optimization, registry management, and vulnerability scanning integration.
— External Secrets Operator (ESO), Kubernetes Secrets, and integration with secret stores (Azure Key Vault, HashiCorp Vault, or equivalent).
— TLS lifecycle management, cert-manager or similar tooling, and certificate rotation automation.
— operational experience with NATS messaging: configuration, monitoring, and failure recovery.
— operational familiarity: provisioning, backup/restore, connection management, and basic performance tuning in containerized environments.
— experience deploying and integrating Testkube for Kubernetes-native test orchestration.
— Azure (primary); working knowledge of OpenShift, AWS, or GCI is a strong plus.
Strong security mindset: experience with SAST/DAST tooling, supply chain security, and compliance controls (PCI-DSS, SOC2, or equivalent).
Experience with multi-cloud or cloud-agnostic platform delivery (Azure + OpenShift + AWS or GCI simultaneously).
Familiarity with GitOps patterns: Flux, ArgoCD, or kapp-controller-based deployment pipelines.
Experience with policy-as-code tooling: OPA/Gatekeeper, Kyverno, or similar.
Exposure to AI-assisted DevOps tooling (AI-driven alerting, anomaly detection, or intelligent pipeline optimization).
Experience in banking, payments, or other regulated transaction processing environments.
Knowledge of service mesh technologies (Istio, Linkerd) and mTLS within Kubernetes.
Familiarity with internal developer platform concepts: golden paths, self-service portals, and developer experience metrics.
The opportunity to work on a mission-critical platform that processes high-value banking transactions at scale.
A collaborative, engineering-first culture with strong investment in automation, quality, and developer experience.
A clear multi-cloud evolution roadmap with real technical depth and growth opportunities.
Competitive compensation, benefits, and a hybrid work environment
#LI-AP
ACI Worldwide is an equal opportunity employer.
ACI Worldwide is a global leader in mission-critical, real-time payments software . Our proven, secure and scalable software solutions enable leading corporations, fintechs and financial disruptors to process and manage digital payments , power omni-commerce payments , present and process bill payments , and manage fraud and risk . We combine our global footprint with a local presence to drive the real-time digital transformation of payments and commerce.
