Sr DevOps Engineer

• *Senior DevOps Engineer**

• Engineering \| Pune, India (Hybrid) \| Full\-Time*

• Mission\-Critical Core Banking Platform*

• *About the Role**

==================

We are seeking a Senior DevOps Engineer to join a high\-performing platform team building and operating a mission\-critical, low\-latency core banking application. You will be a key contributor to a cloud\-native platform that is deployed first on Microsoft Azure, with roadmap targets extending to Red Hat OpenShift, AWS, and Google Cloud Infrastructure (GCI). This role demands deep hands\-on expertise across the full DevOps spectrum — from infrastructure automation and CI/CD pipeline ownership to container orchestration, secrets management, and developer enablement.

You will work alongside Software Engineering, Quality Engineering, and Platform/SRE teams to ensure every release is secure, repeatable, observable, and operationally excellent. If you thrive in regulated, high\-availability environments and have a passion for automation\-first engineering, this role is for you.

• *Location \& Work Model**

==========================

• *Location:** Pune, India

• *Work Model:** Hybrid — on\-site on designated days; remote\-eligible on other days per team and business needs

• *Work Experience:** 7\+ years of relevant experience

• *Key Responsibilities**

========================

• *1\) CI/CD Pipeline Ownership**

• Design, build, and maintain robust CI/CD pipelines using Jenkins and Gradle to support developer productivity and automated quality gates across dev, test, staging, and production environments.
• Manage container image builds, versioning strategies, and publishing workflows to Nexus artifact repositories; enforce image scanning and dependency hygiene.
• Own end\-to\-end pipeline reliability: fast feedback loops, deterministic builds, and clear failure diagnostics for development teams.

• *2\) Kubernetes \& Cloud\-Native Platform Engineering**

• Administer and evolve Kubernetes clusters on Azure (AKS), ensuring high availability, auto\-scaling, and operational reliability aligned with SLOs.
• Extend the platform to OpenShift, AWS, and GCI as the multi\-cloud roadmap progresses; maintain environment parity across targets.
• Implement and maintain GitOps\-based deployment workflows; manage configuration\-as\-code using Carvel toolchain components (ytt, kapp\-controller, imgpkg, vendir).
• Manage Kubernetes\-native packaging and release workflows; enforce deployment standards across all environments.

• *3\) Infrastructure Automation**

• Own and evolve Ansible playbooks and roles for environment provisioning, configuration management, and platform component lifecycle management.
• Ensure secure, repeatable, and auditable provisioning across dev/test/stage/prod; treat infrastructure\-as\-code as a first\-class deliverable.
• Build and maintain automation for platform component upgrades, patching cycles, and environment refresh workflows.

• *4\) Secrets \& Certificate Management**

• Operate and extend External Secrets Operator (ESO) integrations with vaults and cloud\-native secret stores to enforce zero\-trust secret handling across all environments.
• Manage TLS certificate lifecycles: issuance, rotation, expiry monitoring, and automated renewal using cert\-manager or equivalent tooling.
• Ensure no secrets, credentials, PCI data, or PII are embedded in code, pipelines, or container images; enforce policy\-as\-code controls.

• *5\) Messaging \& Data Infrastructure**

• Support operational management and observability of NATS messaging clusters: configuration, topic management, monitoring, and failure recovery.
• Assist with PostgreSQL database infrastructure: provisioning, backup/recovery validation, connection pooling, and performance monitoring in Kubernetes\-native deployments.
• Collaborate with application teams to ensure messaging and data infrastructure SLOs are met and operationalized with runbooks.

• *6\) Test Orchestration \& Quality Infrastructure**

• Implement and maintain Testkube for Kubernetes\-native test orchestration; integrate automated test execution into CI pipelines as a quality gate.
• Drive security and compliance testing as part of CI/CD: SAST, DAST, container vulnerability scanning, and dependency analysis.
• Maintain test environment infrastructure: provisioning, data seeding, isolation, and teardown automation.

• *7\) Developer Enablement \& Observability**

• Serve as a force multiplier for development teams: reduce friction in the build\-test\-deploy cycle, document platform patterns, and provide self\-service tooling where possible.
• Build and maintain observability infrastructure: logging pipelines, metrics collection, distributed tracing, and alerting for platform and application services.
• Contribute to runbooks, on\-call playbooks, and incident response processes; participate in on\-call rotation as the platform matures.

• *Required Qualifications**

===========================

• in DevOps, Platform Engineering, or Site Reliability Engineering roles; experience with regulated or high\-availability environments strongly preferred.
• — hands\-on cluster administration (AKS or equivalent); deep understanding of workload scheduling, networking (CNI, ingress, service mesh), RBAC, and storage.
• — Jenkins pipeline authoring (declarative and scripted); Gradle build tooling for Java/JVM projects; artifact lifecycle management with Nexus.
• — writing and maintaining playbooks, roles, and inventories for infrastructure automation and configuration management.
• — practical experience with ytt (templating), kapp\-controller (GitOps), imgpkg (bundle packaging), and related tools.
• — Dockerfile authoring, multi\-stage builds, image optimization, registry management, and vulnerability scanning integration.
• — External Secrets Operator (ESO), Kubernetes Secrets, and integration with secret stores (Azure Key Vault, HashiCorp Vault, or equivalent).
• — TLS lifecycle management, cert\-manager or similar tooling, and certificate rotation automation.
• — operational experience with NATS messaging: configuration, monitoring, and failure recovery.
• — operational familiarity: provisioning, backup/restore, connection management, and basic performance tuning in containerized environments.

• *Preferred Qualifications**

============================

• Experience with multi\-cloud or cloud\-agnostic platform delivery (Azure \+ OpenShift \+ AWS or GCI simultaneously).
• Familiarity with GitOps patterns: Flux, ArgoCD, or kapp\-controller\-based deployment pipelines.
• Experience with policy\-as\-code tooling: OPA/Gatekeeper, Kyverno, or similar.
• Exposure to AI\-assisted DevOps tooling (AI\-driven alerting, anomaly detection, or intelligent pipeline optimization).
• Experience in banking, payments, or other regulated transaction processing environments.
• Knowledge of service mesh technologies (Istio, Linkerd) and mTLS within Kubernetes.
• Familiarity with internal developer platform concepts: golden paths, self\-service portals, and developer experience metrics.

• *What We Offer**

=================

• The opportunity to work on a mission\-critical platform that processes high\-value banking transactions at scale.
• A collaborative, engineering\-first culture with strong investment in automation, quality, and developer experience.
• A clear multi\-cloud evolution roadmap with real technical depth and growth opportunities.
• Competitive compensation, benefits, and a hybrid work environment

\#LI\-AP

• ACI Worldwide is an equal opportunity employer.*

ACI Worldwide is a global leader in mission\-critical, real\-time payments software . Our proven, secure and scalable software solutions enable leading corporations, fintechs and financial disruptors to process and manage digital payments , power omni\-commerce payments , present and process bill payments , and manage fraud and risk . We combine our global footprint with a local presence to drive the real\-time digital transformation of payments and commerce.