Role: Platform Engineer
Experience: 10years
Location: London
Work mode: Hybrid
Build and run an internal platform that makes delivery safer and faster in a regulated bank: paved roads, self-service, and guardrails by default. You'll own platform capabilities across Kubernetes, GitOps, developer experience, and "AI-assisted operations" that proposes changes via PRs (human-in-the-loop).
Expected Outcomes
* A secure, repeatable platform blueprint deployable across clouds (or on-prem Kubernetes where needed).
* Golden paths (templates + pipelines + policies) that teams adopt voluntarily because it removes toil.
* Measurable improvement in deployment reliability, lead time, and audit evidence quality.
* AI-assisted workflows that detect issues (red pipelines/alerts) and open PRs with recommended fixes—reviewable, traceable, and policy-gated.
Key responsibilities
* Design and implement a cloud-agnostic Kubernetes platform foundation (cluster add-ons, ingress, networking, secrets, config, tenancy).
* Build and operate GitOps workflows using ArgoCD (environments, promotion, drift detection, rollback patterns).
* Provide self-service developer experience via an Internal Developer Portal (Backstage or Atlassian Compass) including:
o Service catalog + ownership + documentation
o Golden-path scaffolding (service templates)
o Operational visibility (dashboards/runbooks/alerts links)
* Establish platform security controls aligned to banking needs:
o Policy-as-code, least privilege, secrets management, audit logs, provenance/traceability.
* Partner with architects and delivery teams to align platform boundaries with DDD (domain segregation, ownership boundaries, cross-domain integration patterns).
* Enable the AI capability in a controlled way:
o Integrate alerting/pipeline signals → generate PRs with proposed changes
o Enforce approvals, testing gates, and traceable rationale (e.g., link PR to incident/ticket and evidence)
Required experience / must-haves
* Strong hands-on engineering background building platforms on Kubernetes in production.
* GitOps with ArgoCD (multi-env, multi-team setups; drift, rollback, promotion strategies).
* Infrastructure provisioning with Terraform / OpenTofu or Pulumi (modules/components, state management, secure patterns).
* Strong Git-based workflows; familiarity with GitHub or Bitbucket and their permission/policy models.
* Experience designing for regulated environments: audit trails, change control, separation of duties, evidence capture.
* Clear documentation skills and the ability to work client-facing (workshops, trade-offs, "why this design").
Nice-to-haves
* Backstage plugin development and/or Compass integration patterns.
* Supply-chain security (SBOMs, signing, provenance), container image hardening.
* Multi-cloud networking patterns; experience with ECR/ACR/Docker Hub governance.
* Experience integrating "AIOps"/LLM-assisted workflows with guardrails (human approval, scoped permissions, rollback).
Salary: GBP Per annum