Lead DevOps Engineer (AWS)

Andersen is hiring a Lead DevOps Engineer (AWS) to drive DevSecOps strategy, lead teams, and build secure, scalable cloud platforms across enterprise projects. 

Andersen is a pre-IPO software development company providing a full cycle of services. For over 19 years, we have been helping enterprises and middle-sized firms worldwide transform their businesses by creating effective digital solutions using innovative technologies.  

Our company operates across a global network of 16 development centers and offices, strategically located in North America, Western and Central Europe, the Middle East, and the Asia-Pacific region. With a strong team of over 3,500 highly skilled professionals, we combine deep domain expertise and advanced technical capabilities to consistently deliver exceptional results for our clients. 

Responsibilities: 

• Leading and coaching DevOps/DevSecOps engineers on best practices, code reviews, and technical direction. 

• Collaborating with development, QA, security, architecture, and IT teams to align priorities. 

• Owning and communicating the technical roadmap for platform and security improvements. 

• Scaling and driving adoption of DevSecOps practices across the company, defining standards and templates. 

• Supporting sales/presales activities, including technical discovery, solution design, and customer-facing presentations. 

• Designing, building, and improving secure, reliable CI/CD pipelines. 

• Implementing and maintaining GitOps/IaC for provisioning and configuration management. 

• Managing microservice platforms on Kubernetes (clusters, autoscaling, upgrades). 

• Ensuring operational health of production and development environments: availability, scalability, and cost efficiency. 

• Implementing shift-left security practices across the SDLC (SAST, DAST, dependency scanning, etc.). 

• Defining and enforcing security baselines: IAM, network segmentation, encryption, secrets management. 

• Leading vulnerability management from detection to remediation and verification. 

• Leading security audits (SOC2/ISO/PCI/GDPR), gathering evidence and implementing controls. 

• Operating monitoring, alerting, logging, tracing, and incident response processes. 

• Defining and implementing SLO/SLI monitoring to improve system resilience and reduce MTTR. 

• Troubleshooting production issues using logs, metrics, traces, and code. 

Must-haves: 

• Total experience in DevOps/SRE/Platform Engineering for 7+ years, including 5+ years hands-on AWS.  

• Experience in a lead role (team lead / tech lead / principal responsibility across multiple teams/services) for 2+ years.  

• Deep understanding of DevOps and DevSecOps principles (automation, CI/CD, immutable infra, security by design). 

• Strong knowledge of AWS security and networking: VPC design, routing, load balancing, DNS, TLS, IAM, security groups/NACLs. 

• Strong Kubernetes expertise: cluster operations, upgrades, RBAC, ingress, autoscaling, resource management, policy enforcement. 

• Strong IaC experience: Terraform preferred (modules, state management, best practices), CloudFormation/Pulumi as a bonus.  

• Strong CI/CD experience with Jenkins/GitLab CI (or similar), including pipeline templates, reusable components, secure secrets handling, artifact promotion strategy. 

• Hands-on with observability stacks (Prometheus/Grafana + ELK/EFK or equivalents), including alert tuning and incident response.  

• Confident scripting/automation skills (Python and/or Bash) for tooling, troubleshooting, and integrations.  

• Working knowledge of relational databases (PostgreSQL, MySQL) from ops perspective (backup/restore, HA basics, performance awareness).  

• Excellent troubleshooting skills and ability to lead production investigations. 

• Level of English – from Upper-Intermediate and above. 

Nice-to-haves: 

• AWS certifications (AWS Certified DevOps Engineer – Professional, AWS Certified Solutions Architect – Professional, AWS Certified Security Specialty). 

• Experience with security tooling such as AWS Security Hub/GuardDuty/Inspector (or similar). 

• Hands-on experience with container scanning tools like Trivy, Aqua, Prisma, or Wiz. 

• Experience with policy as code tools like OPA/Gatekeeper, Kyverno. 

• Experience implementing governance, multi-account strategies, landing zones, guardrails, and secure baselines. 

• Experience with GitOps tooling (Argo CD/Flux), service mesh (Istio/Linkerd), or progressive delivery (blue-green/canary). 

• Knowledge of Azure as a secondary cloud provider. 

• Experience with on-prem or hybrid environments (VMware, bare metal, private cloud). 

Reasons why this job would be interesting to you: 

• Experience in teamwork with leaders in FinTech, Healthcare, Retail, Telecom, and others. Andersen cooperates with such businesses as Samsung, Siemens, Johnson & Johnson, BNP Paribas, Ryanair, Mercedes, TUI, Verivox, Allianz, T-Systems, etc.. 

• The opportunity to change the project and/or develop expertise in an interesting business domain. 

• Job conditions – you can work both fully remotely and from the office or can choose a hybrid variant. 

• Guarantee of professional, financial, and career growth! The company has introduced systems of mentoring and adaptation for each new employee. 

• The opportunity to earn up to an additional 1,000 USD per month, depending on the level of expertise, which will be included in the annual bonus, by participating in the company's activities. 

• Access to the corporate training portal, where the entire knowledge base of the company is collected and which is constantly updated. 

• Bright corporate life (parties / pizza days / PlayStation / fruits / coffee / snacks / movies). 

• Certification compensation (AWS, PMP, etc). 

• Referral program. 

• English courses. 

• Private health insurance and compensation for sports activities. 

Your personal data is protected in accordance with GDPR regulations. Learn more: https://andersenlab.com/privacy-policy/pl .

Join us!   

https://people.andersenlab.com/