DevOps Engineer

DeepLight AI is a specialist AI and data consultancy with extensive experience implementing intelligent enterprise systems across multiple industries, with particular depth in financial services and banking. Our team combines deep expertise in data science, statistical modeling, AI/ML technologies, workflow automation, and systems integration with a practical understanding of complex business operations.At DeepLight, we don't believe in "off-the-shelf" fixes. We deliver tailored AI solutions designed to integrate seamlessly into existing enterprise architectures, ensuring that innovation is both scalable and secure. From building robust data foundations to deploying sophisticated AI platforms, we empower our clients to lead in an increasingly automated world.The DevOps Engineer owns the Agentic Workflow Automation (AWA) platform's deployment architecture, infrastructure-as-code (IaC), CI/CD pipelines, and continuous operational reliability. Operating within the AI Centre of Excellence (AICoE) at a Mid-level capacity, this position serves as the primary guardian of the cloud-native infrastructure within the bank's Azure UAE environment. The role ensures that every critical platform component—ranging from AKS namespaces and KEDA autoscalers to ADLS Gen2 storage lifecycles and firewall configurations—is entirely automated, secure, and reproducible strictly from code, eliminating manual interventions.Your responsibilities as the DevOps Engineer include:Maintaining and governing all AWA Azure infrastructure utilizing Terraform or Bicep, covering multi-namespace AKS clusters, ADLS Gen2 accounts with WORM policies, API Management configurations, private endpoints, and Key Vault instancesDesigning and optimising automated Azure DevOps pipelines managing the full lifecycle from container compilation, ACR pushing, and Notary v2 image signing, through to managed infrastructure deployments and validation testing gatesManaging multi-namespace AKS clusters, enforcing strict network policies, pod isolation, workload identities, and KEDA autoscaling rules based on active message queues or consumer lagOverseeing container registries, enforce mandatory image signing, monitor vulnerability tracking outputs, and maintain admission control validation policies via OPA GatekeeperAdministering access architectures, managed identity configurations, automated TLS certificate lifecycles, and cryptographic secret rotation schedules within Azure Key VaultConstructing complex KQL queries and alerting conditions within Azure Monitor and Log Analytics to track service-level SLA breaches, runtime failures, and token utilization thresholdsImplementing platform security configurations, managing private connectivity endpoints, Azure Policy enforcement rules, and enterprise firewall architecturesDefining, implementing, and validating automated disaster recovery failover paths, maintaining target Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) for storage accounts and model serving endpointsRequirementsWe need you to have:A deep competence in building enterprise-grade, production-ready cloud architectures using infrastructure-as-code platforms (Terraform or Bicep)Technical mastery over Kubernetes (AKS) configuration, including Helm/Kustomize deployment engines, network policies, and cluster admission controlsPractical ability to implement automated horizontal scaling strategies using Kubernetes Event-Driven Autoscaling (KEDA) or equivalent streaming metricsThe capability to manage multi-stage, gated deployment pipelines across multi-environment setups using Azure DevOps or GitHub ActionsA solid understanding of enterprise network routing, including hub-and-spoke VNets, private link endpoints, network security groups, and cloud firewall boundariesA minimum of 5 years of experience in dedicated DevOps, SRE, or Platform Engineering roles, with at least 2 years explicitly focused on Azure ecosystemsA documented history managing production Kubernetes deployments, implementing automated RBAC, policy layers, and namespace segmentationExperience writing advanced KQL (Kusto Query Language) expressions to parse logs and feed operational dashboardsHold a Bachelor's degree in Computer Science, Systems Engineering, or a related technical disciplineIt would also be great if you:Are proficient with Kubernetes Workload Identity, managed identity architectures, and Azure Key Vault access security profilesAre familiar with Azure AI Foundry and API Management platforms, specifically controlling token consumption quotas, routing, and rate limitsAre familiar with Azure Event Hubs or Kafka consumer groups, alongside immutable ADLS Gen2 storage structure managementHold an active Azure Administrator Associate (AZ-104), Azure DevOps Engineer Expert (AZ-400), or Certified Kubernetes Administrator (CKA) designationsBenefitsThe benefits you'll enjoy as part of this role include:Competitive salary Comprehensive personal health insurance Visa Sponsorship for the successful individualProfessional development and certification supportSubscription reimbursement relating to your roleOpportunity to work on cutting-edge AI projectsMonthly Employee Incentive programCareer advancement opportunities in a rapidly growing AI companyThis position offers a unique opportunity to shape the future of AI implementation while working with a talented team of professionals at the forefront of technological innovation. The successful candidate will play a crucial role in driving our company's success in delivering transformative AI solutions to our clients.At DeepLight AI, we recognise that diversity drives innovation. We are committed to fostering an inclusive environment where individuals with different thinking styles can thrive and contribute their unique strengths to our specialised AI and data solutions.Our goal is to ensure our application and interview process is accessible, predictable, and fair for all candidates.If you require any specific adjustments to the application process, or if you require any reasonable adjustments should you be successful in being processed to the interview stage, please do let us know. This information will be kept strictly confidential and will not impact hiring decisions.