123pracovat

Pracovní nabídka

We are looking for a highly skilled Infrastructure / Platform Engineer to take ownership of our on-premises and hybrid cloud infrastructure. This person will be responsible for maintaining the on-prem deployment of our application, managing infrastructure services, monitoring systems, PKI, Kubernetes clusters, internal tooling, and various third-party systems. The role involves close collaboration with development and support teams and hands-on operational responsibility.

Key Responsibilities

On-Prem Application Infrastructure

• Sole ownership of the on-premises version of our application (Docker-based), including:
• Installation scripts, Docker Compose setup, and packaging
• Administrative Portal for managing the on-prem system (web UI for health monitoring, configuration, etc.)
• Release management and versioning for on-prem deployments
• Ensuring compatibility and reliability on Ubuntu and Red Hat–based systems
• Maintain internal web application for generating licenses needed for installation of on-premises version.
• Provide technical support for on-prem customers and internal support teams.

PKI and Certificate Management

• Manage internal PKI infrastructure.
• Monitor certificate expirations and manage automated renewal systems.
• Manually generate and deploy certificates when automation is not possible.

Monitoring & Observability

• Maintain monitoring infrastructure based on Prometheus and Icinga.
• Monitor system health, certificate expirations, production metrics, and alerts.
• Improve reliability and observability of internal and customer-facing systems.

On-Prem Kubernetes & Hardware Infrastructure

• Manage Kubernetes clusters running on company hardware.
• Maintain blade server infrastructure (Blade chassis PAC-6009), including:

Hardware maintenance and replacements
Health monitoring and diagnostics
Container and workload management across multiple blades

Cloud & Data Infrastructure

• Participate in managing AWS resources and deployments into AWS EKS.
• Participate in maintaining and updates of internal tools (API for task automation; log aggregation tool; …) and 3rd-party services (Cassandra, Postgres, Gravitee, and more).
• Manage AWS-based regional VPN Hub machines and bash-based agents that:

Track data usage
Configure nftables for client connectivity and isolation
Coordinate with external orchestration agents

Required Skills & Experience

• Core Infrastructure & DevOps
• Strong Linux administration (Ubuntu & RHEL/CentOS/Alma/Rocky).
• Deep experience with Docker and containerized environments.
• Kubernetes administration experience (on-prem and/or cloud).
• Experience with CI/CD, release management, and automation.
• Hardware/server maintenance experience (blade servers, racks).

Networking & Security

• Understanding of PKI, TLS certificates, and certificate lifecycle management.
• Networking fundamentals (TCP/IP, VPNs, firewalling, nftables/iptables).

Monitoring & Observability

• Experience with Prometheus, Icinga, Grafana, or similar tools.
• Alerting, logging, and operational monitoring best practices.

Programming / Scripting

• Strong Python scripting skills (infrastructure automation).
• Strong Bash scripting skills (complex system automation).
• Experience building or maintaining internal tools or APIs.
• Basic knowledge of frontend development or willingness to learn.

Cloud Platforms

• AWS experience, especially EKS, EC2, networking, IAM.
• Hybrid cloud/on-prem integration experience is a big advantage.

Benefits

• Work on interesting projects with modern technologies
• Opportunity for personal and professional growth (certification, training)
• Flexible working hours and the possibility of remote work
• Friendly team and pleasant working environment
• Other benefits include 25 days of vacation, 3 days of sick days, Multisport card for 220,-/month, meal voucher flat rate, pension savings and more.