Platform Engineer

Job Summary

NALEJ is pioneering the transformation of hybrid infrastructure technologies, redefining how secure data management and operational systems are implemented across diverse sectors. Our vision is to cultivate an ecosystem where NALEJ OS, an Enterprise Open Source platform, facilitates seamless and secure interactions from cloud to edge. By offering dual-use technologies across DevSecOps, DataSecOps, AI+ML Ops, Cyber Ops, and Network Ops, NALEJ provides a secure and efficient environment for both defense and businesses customers. We deliver services through SaaS, PaaS, IaaS, Hybrid, and Air-Gap models, focusing on secure data exchange without direct exposure of sensitive information. Our commitment to innovation includes providing secure edge networks and ensuring compliance with IL4-IL6+SAP MOSA, NIST, and Zero Trust standards.

Our platform team drives the development of NALEJ OS in a fast-paced startup building and operating a production-grade, multi-cluster Kubernetes platform that powers multiple customer tenants. The team designs and develops the full stack from Pulumi infrastructure, through EKS clusters, Istio service mesh, and GitOps delivery, to the Next.js apps tenants use daily. Ideal candidates are generalist Platform Engineers; someone who can write a Pulumi stack in the morning, debug an Istio routing failure at lunch, and tighten a Kyverno policy before end of day. Depth in one area is great; ownership across all of them is the job.

We're an AI-first team — every engineer uses an AI Integrated Development Environments daily, with context files, custom agents, and shared memory tuned to NALEJ OS platform. We expect you to work in this novel environment and we'll invest in making you better at it.

Key Responsibilities

• Develop and own end-to-end software blueprints for cloud or edge platforms supporting next-generation applications.
• Drive the successful execution of platform initiatives, ensuring alignment with business and product objectives.
• Act as a subject matter expert across cloud platforms, open-source tools, edge technologies, and IaC.
• Work closely with product managers, engineers, DevOps, and stakeholders to define technical requirements and ensure architectural integrity.
• Oversee technical timelines, dependencies, and deliverables for platform-centric projects.
• Maintain high-quality architectural documentation, design patterns, and technical standards.

Required Skills and Experience

• Infrastructure as code — Pulumi Go IaC across multiple AWS accounts
• Kubernetes operations — multi-cluster EKS architecture; node lifecycle, RBAC, admission, CRD upgrades
• Service mesh — Istio multi-primary with cross-cluster routing, PQC mTLS, and tenant traffic isolation
• GitOps & CI/CD — GitLab CI, Kaniko image builds, Helm + Kustomize rendered into a deploy repo, ArgoCD syncing every workload
• Progressive delivery — Argo Rollouts canaries with Prometheus/Loki-backed analysis
• Observability — Prometheus, Grafana, Loki, Thanos, Falco, Kiali
• Security & Policy — Kyverno, STRICT mTLS, cert-manager, IRSA, External Secrets, Falco runtime rules
• Auth & Identity — OIDC / JWT fundamentals; hands-on with an IdP (Keycloak, Okta, Auth0, Cognito) and a reverse-proxy auth layer
• Platform CLI & AI tooling — internal Python CLI the team uses daily; push forward our AI-assisted workflows and potentially ship AI features into the product

Example Projects You Might Lead

• Designing and automating cloud infrastructure provisioning pipelines using modern IaC frameworks.
• Leading platform and application integration initiatives supporting cloud-native or edge applications.
• Facilitating technical up-skilling of junior team members through mentorship and training programs.

Preferred Qualifications

• Bachelor's or Master’s degree in Computer Science, Engineering, or related field.
• Certifications in cloud architecture (AWS Certified Solutions Architect, Google Cloud Architect, etc.).
• Experience working in US regulated environments (e.g., Defense, healthcare, Secure control systems).
• Knowledge of container orchestration, CI/CD pipelines, and observability solutions.

Additional Notes

• US Citizens ONLY
• MAY REQUIRE ABILITY TO GAIN SECRET CLEARANCE