OpenSky Architect

Key Responsibilities

• Architecture and Design: Design and document scaled Kubernetes deployments across multiple clusters, availability zones, and cloud providers. Define scalability, high availability and disaster recovery (DR) strategies for mission-critical workloads. Drive adoption of service mesh, GitOps, and multi-tenant architectures for secure workload isolation.
• Security and Compliance: Integrate cybersecurity best practices into Kubernetes architecture, including RBAC, Pod Security Standards, network policies and supply chain security (SLSA v1.1, SBOMs). Partner with Security to align deployments with compliance frameworks such as NIST, CIS Benchmarks (depending on regulatory requirements) with measurable control (e.g., patch SLAs, audit trails).
• Platform Engineering: Build and maintain self-service platform for developers, with golden paths for CI/CD, observability. Establish monitoring, logging, and tracing using Prometheus, Grafana, Loki, OpenTelemetry. Standardize Infrastructure-as-Code (IaC) patterns using Terraform, Helmfile, and ArgoCD. Define golden image pipelines (e.g., continuous-image-patching-pipeline where patched images are rebuilt and pushed automatically).
• Governance: Define a governance policy (cadence, automation, rollback) and ensure it aligns with SLAs and compliance requirements. Define a upgrade roadmap for Helmcharts, operators, CRDs, service meshes and observability stack, ensure that patching does not break workloads at scale.
• Collaboration and Leadership: Partner with Cloud, DevSecOps and Application Teams to deliver secure, production-ready Kubernetes clusters. Mentor engineering teams on Kubernetes design patterns, scaling strategies and secure coding practices for the following workloads archetypes: Secure, fast data streaming (uni-/bi-directional) Large scale data processing and transformation workloads. Serve as a trusted advisor to senior leadership on cloud-native strategy, cybersecurity risks, and technology roadmaps.