Overview:
We are seeking a CI/CD & DevOps Engineer to lead the engineering and operations enablement for an enterprise-grade agent orchestration capability. This role owns the design and implementation of fully automated CI/CD pipelines, promotion gates, and infrastructure-as-code patterns that support secure, auditable, and reliable deployment of agent workflows across non-production and production environments Hanumawith tenant isolation. The role ensures release safety (blue/green, canary, rollback), drift detection, secrets management, and observability/SLO readiness, while partnering with platform engineering, security/identity, SRE, and app teams to reduce time-to-production and production risk.
Responsibilities:
1) CI/CD Engineering & Promotion Gates (35%)
-
Design and implement fully automated CI/CD pipelines for agent workflows and platform components, including versioning, unit/integration tests, security scans, and promotion gates across non-prod and prod environments. (Execute/Consult)
-
Implement standardized release gates (policy checks, approvals, quality thresholds) and ensure traceability of artifacts promoted across environments. (Execute/Consult)
-
Provide reusable pipeline templates and reference patterns to accelerate adoption across teams while maintaining consistent governance. (Execute)
2) Infrastructure as Code, Environment Provisioning & Drift Detection (25%)
-
Build IaC modules and provisioning automation for environments (tenant isolation patterns, runtime prerequisites, gateways, secrets bootstrapping), with code review and drift detection. (Execute/Consult)
-
Integrate environment requests with enterprise DevX/portal APIs where applicable, enabling consistent, self-service provisioning. (Consult/Execute)
-
Ensure secure configuration management practices across environments (parameterization, policy-as-code compatibility, environment parity). (Execute)
3) Security, Identity, Secrets & Compliance Controls (20%)
-
Implement CI/CD and runtime integration patterns for SSO (SAML/OIDC), RBAC/ABAC enforcement hooks where required, and secrets management (vault/managed secrets) for pipelines and runtime components. (Consult/Execute)
-
Ensure audit logs exist for pipeline executions, approvals, deployments, configuration changes, and rollback events; support evidence needs for compliance reviews. (Execute/Consult)
-
Enforce software supply-chain controls (signed artifacts/images, SBOM where mandated, dependency scanning, provenance). (Execute/Consult)
4) Release Safety, Reliability & Operational Readiness (15%)
-
Implement safe deployment strategies (blue/green, canary, progressive delivery) and automated rollback paths; validate through drills and runbooks. (Execute/Consult)
-
Partner with SRE to define SLIs/SLOs for deployment success, rollout latency, and pipeline availability; ensure observability is integrated (metrics/logs/traces). (Consult/Execute)
-
Provide incident, rollback, and migration runbooks; participate in release incident triage and stabilization. (Execute/Consult)
5) Enablement, Adoption & Continuous Improvement (5%)
-
Mentor engineers on CI/CD best practices, release hygiene, and IaC patterns; drive continuous improvement to reduce lead time and change failure rate. (Consult/Execute)
-
Decision-Making Autonomy: High-moderate — significant autonomy in CI/CD and IaC design choices within enterprise guardrails; escalates enterprise-wide security and governance policy decisions.
-
Supervision Required: Moderate-low — operates with general direction from platform/SRE leadership; periodic reviews for architecture and compliance readiness.
-
Complexity of Role: High — multi-tenant environments, strict audit/compliance, progressive delivery, and multiple integration points across tooling and identity systems.
-
Cross-Functional Interactions: Yes — continuous interaction with platform engineering, DevX/portal, security/identity, SRE/observability, and application teams.
Qualifications:
Key Skills/Experience Required Minimum Qualifications:
Minimum Qualifications
-
Bachelor’s/Master’s in CS/Engineering (or equivalent experience).
-
Proven experience building production CI/CD pipelines and operating deployment workflows for distributed systems.
Required Expertise
-
CI/CD platforms: Azure DevOps, GitHub Actions (or equivalent), branch policies, PR checks, artifact/version management
-
IaC: Terraform/Bicep/ARM (at least one strong), drift detection, environment modularization
-
Containers/runtimes: Docker, Kubernetes fundamentals; familiarity with service meshes and ingress/gateway patterns is a plus
-
Security: secrets management, supply-chain security (scanning/signing/provenance), least privilege, audit logging expectations
-
Observability: integration of metrics/logs/traces; release dashboards; incident support patterns
-
Release engineering: blue/green, canary, progressive delivery, rollback automation, deployment verification tests
Differentiating Competencies
-
Ownership: drives CI/CD and IaC outcomes end-to-end; ensures production readiness and stability
-
Collaboration & customer focus: treats app teams as platform customers; balances speed with controls
-
Communication: clear release readiness reporting; crisp RCA documentation and improvement proposals
-
Adaptability: adjusts to evolving governance, identity, and tooling constraints without breaking delivery
-
Proactiveness & initiative: anticipates release risks and dependency conflicts; resolves early
-
Strategic thinking (emerging): identifies reusable patterns that accelerate adoption and reduce operational toil
