Our growing engineering team is looking for a Senior Platform Release Engineer who will own and evolve CI/CD, release automation, observability, and the infrastructure platform that powers Unanet’s multi-tenant AI-first solutions. Our product portfolio spans multiple vertical SaaS offerings, all delivered on a modern, containerized, cloud-native platform running across AWS commercial and GovCloud environments. We are investing heavily in our infrastructure and tooling (e.g., standardizing on EKS, GitLab K8s runners, AWS, and Terraform-based infrastructure-as-code) and this role will be instrumental in shaping the next phase of our platform’s maturity, scalability, and reliability.
In this high-impact, high-visibility role, you’ll design and operate GitLab-based CI/CD pipelines on Kubernetes runners, modernize legacy build and artifact processes, and manage EKS clusters and shared AWS infrastructure through Terraform across accounts and environments. You’ll drive consistent, repeatable releases across product lines (lowers, upper, stage, prod, and GovCloud), while partnering closely with Product Engineering, QA, and our CloudOps teams. You’ll also help elevate our security posture through hardened images, strong network controls, and auditable infrastructure changes, while championing best practices in observability and reliability. If you thrive at the intersection of infrastructure, automation, and release engineering - and enjoy building systems that empower teams to ship with confidence - this is a role where you can make a meaningful impact.
What You Will Do
CI/CD, Build & Release Engineering
- Own end-to-end GitLab CI/CD pipelines for key services, ensuring they build, test, and deploy reliably using K8s runners
- Standardize pipeline patterns (templates/components) for multiple tech stacks (.NET, Go, Node, etc.) and environments, emphasizing build reproducibility and security
- Implement and maintain multi-stage deployment workflows (dev → lower → upper → stage → prod) with automated checks, approvals, and rollbacks, aligned to our change management practices in Jira
- Collaborate with engineering teams to simplify release processes
Kubernetes, Infrastructure & IaC
- Operate and evolve AWS EKS clusters in multiple accounts/regions (including GovCloud) using Terraform and shared infra modules (VPC, subnets, security groups, EKS, Route53, ALBs/NLBs, Network Firewall, etc.)
- Manage cluster add-ons and platform workloads (e.g., monitoring stack, ingress/proxy, build runners, shared services) via Helm / Helm-based tooling and Git-based workflows
- Implement and support infrastructure-as-code for new environments and services (VPCs, EKS clusters, DNS zones, IAM roles, IRSA, Route53 resolver rules, VPC endpoints, etc.)
Observability, Reliability & Operations
- Deploy and tune observability tooling (e.g., Grafana Alloy, Prometheus-compatible metrics, CloudWatch logs, Loki/Victoria Metrics) to ensure platforms and pipelines are well-instrumented
- Define and monitor SLOs/SLAs for critical services and CI/CD components; build alerts using CloudWatch, Grafana, and related tools
- Participate in operational reviews, incident response, and post-incident retrospectives, driving reduction of toil via automation, playbooks, and pipeline improvements
Security, Compliance & Governance
- Apply our container hardening and FIPS 140-2 guidelines across images and pipelines, including use of Chainguard base images and vault-init-fips entry points where required
- Partner with Cloud Platform and Security teams to maintain Network Firewall rules, VPC endpoint policies, and WAF rules that restrict egress/ingress to approved domains and ports
- Ensure CI/CD, infra, and release processes support FedRAMP Moderate and related controls (e.g., SA-4(9) functions/ports/services documentation, image provenance in ECR)
Collaboration & DevOps Advocacy
- Act as a bridge between product development and CloudOps, helping teams adopt best practices in CI/CD, infrastructure-as-code, and Kubernetes deployment patterns
- Provide guidance and documentation on using shared components (build runners, Helm charts, Eve manifests, ECR repos, secrets management patterns)
- Champion DevOps culture and continuous improvement using metrics, incident learnings, and developer feedback to drive change
Who You Are
- 5+ years in a DevOps, SRE, or Release Engineering role supporting production SaaS
- Strong hands-on experience with AWS (networking, IAM, EKS, ECR, EC2, RDS, CloudWatch, Route53)
- Deep experience operating Kubernetes in production (workloads, networking, ingress, RBAC, upgrades, troubleshooting)
- Proficiency with Git-based CI/CD (e.g., GitLab) and building robust pipelines for multi-stage deployments
- Solid infrastructure-as-code skills with Terraform (or CloudFormation) for AWS and Kubernetes resources
- Strong Linux administration and scripting skills (Bash and either Python or Go)
- Familiarity with observability tooling (Grafana/Prometheus/CloudWatch or equivalent) and building actionable alerts
- Excellent communication and collaboration skills; proven ability to partner with developers, QA, and Ops to ship software quickly and safely
Your Differentiators
- Experience working in regulated environments including evidence collection and change control practices
- Prior exposure to container hardening, and secure supply chain practices
- Hands-on with Vault, AWS Secrets Manager, and secret distribution patterns in Kubernetes
- Familiarity with AWS services and integrating them into application CI/CD and IAC patterns
- Experience contributing to or maintaining shared infrastructure modules and platform tools (Terraform modules, Helm charts, operators, GitLab pipeline components)
Our Values
- We are a Team. Employees, customers, and partners working together.
- We are Customer-Focused. Customers are the heart of everything we do.
- We are Driven. Seeking exceptional outcomes.
- We Own our Success. Every employee has a stake in our company.
- We do the right thing and have fun in the process.
The salary range for this opportunity is $142,800 – $165,000 per year. You will be eligible for employee equity as well as discretionary bonus compensation, subject to plans that may be in effect from time to time. You will further be eligible to participate in Unanet's employee benefits plans and programs. For more details on Unanet's benefits offerings, please visit https://unanet.com/employee-benefits. &nbs