Platform Engineers

Required Skills

  • BS/MS degree in Computer Science, related technical field, or equivalent with 8+ years of industry experience
  • 5+ years hands-on experience with Envoy Proxy (xDS/ADS, ext_authz, HTTP/2, gRPC, WebSocket) and/or Kong API Gateway (plugin development, DB-less mode, Admin API)
  • Strong Go development skills - control-plane services, gRPC APIs, Kubernetes controllers (client-go), concurrency patterns
  • Production Kubernetes experience (EKS and/or on-prem clusters) - Helm charts, HPA, PodDisruptionBudgets, NetworkPolicy, namespace isolation, ArgoCD GitOps
  • Deep understanding of OAuth 2.0 / OIDC / PKCE flows, DPoP sender-constrained tokens, mTLS, and session management patterns
  • Experience with OPA (Open Policy Agent) policy authoring in Rego and sidecar deployment patterns
  • Hands-on with OpenTelemetry (traces, metrics, logs), Dynatrace, and Splunk SIEM integration
  • Working knowledge of CDN/WAF platforms (Akamai Ion, Kona, Cloudflare) and WAF-as-code automation
  • Experience with PostgreSQL (HA, connection pooling, PITR) and Kafka (MSK, Schema Registry, DLQ patterns)
  • Familiarity with DNS steering (GeoDNS, Akamai GTM, health-check routing) and TLS certificate lifecycle (cert-manager, HSM/KMS)
  • Strong CS fundamentals - networking (L3-L7), distributed systems, data structures & algorithms
  • Experience building high-volume, low-latency, resilient infrastructure services

Nice to have

  • TypeScript/React experience for operator dashboard development
  • AWS infrastructure experience (EKS, MSK, Lambda, Direct Connect, Network Firewall)
  • Bitbucket Pipelines CI/CD and GitOps delivery workflows
  • Experience with CAEP (Continuous Access Evaluation Protocol) or similar session revocation mechanisms
  • Background in identity platforms (ForgeRock, SAML federation, token exchange patterns)

Job Descrip tion

  • Design, build and operate Envoy and Kong gateway infrastructure serving production traffic across multiple lines of business
  • Develop Go-based control-plane services - Ingress Registry, xDS controllers, Session Manager, Context Propagator
  • Implement and maintain OPA policy bundles for coarse-grained authorization at the gateway layer
  • Build and extend OpenTelemetry instrumentation pipelines (OTel Collector, Dynatrace OTLP ingest, Splunk SIEM forwarding)
  • Manage GitOps-driven deployments via ArgoCD and Helm across multi-cluster Kubernetes environments
  • Automate WAF rule management across Akamai and Cloudflare using WAF-as-code patterns
  • Contribute to the platform operator console (TypeScript/React) for route management, drift detection, and session visibility
  • Collaborate with LOB teams to onboard routes and migrate traffic from legacy ingress infrastructure
  • Participate in incident response, runbook development, and production readiness reviews
  • Champion software engineering best practices - code review, testing, documentation, and observability-first design
Apply Now
Apply Now

Job Details

Company
Mphasis
Location
Glasgow, Scotland, United Kingdom
Posted