Mobiloitte
Website:
mobiloitte.com
Job details:
Job Title: Platform Engineer (DevOps + API + Security)
Location: Remote
Work Timings: 5:00 PM – 2:00 AM IST (US Overlap)
Experience: 8+ Years
We are looking for a dedicated Platform Engineer to take ownership of our DevOps stack, own our security posture, and contribute to API development. This is a multi hat role. When DevOps or security work comes up, you are the person who picks it up immediately and unblocks the team. When it does not, you shift to the API side and contribute to building and maintaining our integrations.
The priority is simple: the team cannot afford to be blocked on DevOps, and security cannot be treated as an afterthought. When a pipeline breaks, a deployment fails, a database migration stalls, or a credential is exposed, we need someone who is already on it.
Responsibilities:
Devops
• Own and improve CI/CD pipelines (GitHub Actions, deployments, rollbacks)
• Manage AWS infrastructure (ECS, RDS/Aurora, S3, IAM, CloudWatch, cost monitoring)
• Maintain and extend Terraform configurations for all infrastructure changes
• Be the first responder on DevOps issues, outages, and deployment blockers
• Monitor production systems and proactively address reliability and performance issues
• Automate repeatable operations (deployments, provisioning, backups, access audits)
• Keep documentation current for infrastructure, runbooks, and incident response
Security
• Own the security posture across GitHub, AWS, Google Workspace, and all third party tooling
• Enforce MFA and 2FA across every platform and audit compliance on a regular cadence
• Manage IAM policies with least privilege as the default, including role based access and scoped service accounts
• Lead incident response for security events (account compromise, leaked credentials, unauthorized access, suspicious activity)
• Manage secrets end to end (rotation schedules, centralized storage, scanning for leaked secrets in repos and logs)
• Run quarterly access audits across all systems and promptly revoke access when people leave or change roles
• Enforce GitHub branch protection, signed commits, required reviews, and org level security policies
• Monitor for anomalies (login patterns, unusual API calls, cost spikes, permission changes) and investigate
• Maintain an up to date security runbook covering detection, containment, eradication, recovery, and postmortem steps
• Partner with engineering on secure coding practices, dependency scanning, and vulnerability patching
Google Workspace Administration
• Administer Google Workspace (users, groups, organizational units, shared drives, domain settings)
• Enforce 2SV, context aware access, session controls, and device policies across the org
• Manage SSO and SAML integrations between Google Workspace and third party tools
• Own the onboarding and offboarding workflow (account provisioning, group membership, license assignment, timely access revocation)
• Configure DLP rules, retention policies, and sharing controls for sensitive data
• Monitor admin console alerts, audit logs, and login activity for suspicious behavior
• Manage email security settings (SPF, DKIM, DMARC, spam and phishing controls)
• Keep license usage clean
API Development
• Lead the build of the new APIs
• Maintain and optimize the existing API (performance, reliability, new features)
• Support and improve other internal APIs as needed
• Integrate APIs with external systems (partners, webhooks, data sources)
• Write clean, tested, well documented code
• Build authentication and authorization the right way (OAuth, JWT, scoped tokens, rate limiting)
Must Have
• Strong hands on AWS experience (IAM, ECS, RDS/Aurora, S3, CloudWatch, VPC)
• Terraform proficiency, comfortable working in an existing codebase
• Solid CI/CD experience with GitHub Actions (or CircleCI, GitLab CI)
• Experience administering GitHub at org level (branch protection, SSO, secrets, security policies)
• Google Workspace admin experience (user management, SSO, security controls, DLP)
• Strong security mindset with real incident response experience (account compromise, credential leaks, access audits)
• Experience with secret management (AWS Secrets Manager, HashiCorp Vault, Doppler, or similar)
• Strong Python for automation, scripting, and API work
• Cloudflare (DNS, WAF, CDN) configuration
• Proficiency with Node.js or TypeScript for backend and API development
• Deep understanding of REST API design and implementation
• Experience with Docker, containerization, and deployment workflows
• Working knowledge of PostgreSQL / Aurora (schema, migrations, performance)
• Writing GitHub Actions workflows from scratch
• Monitoring and observability (Sentry, PostHog, CloudWatch, Datadog)
• Takes ownership and drives issues to resolution without being prompted
• Clear, proactive communication. Flags issues and status without being asked
• Committed, dedicated, and full availability
Nice To Have
• AWS cost optimization and FinOps experience
• OAuth / JWT and API authentication best practices
• Experience with SOC 2, ISO 27001, or similar compliance frameworks
• Familiarity with SAST, DAST, SCA, and secret scanning tooling (Snyk, GitGuardian, Dependabot, TruffleHog)
• Experience with endpoint security and device management (MDM)
• Experience with Cursor, Claude Code, or other AI assisted development tooling
What you will be working on
• Stabilizing and improving DevOps so the team never sits blocked
• Hardening our security posture across AWS, GitHub, Google Workspace, and third party tools
• Automating manual operational work across deployments, migrations, access audits, and permissions
• Leading incident response and building the playbooks so the next incident is faster and cleaner
• Building the new APIs end to end once requirements land
• Keeping the internal APIs healthy and evolving them over time
• Running a tight ship on access management (onboarding, offboarding, quarterly audits, MFA enforcement)
• Being the go to person when a pipeline, deployment, migration, or security alert needs attention
Click on Apply to know more.