Job Description
Company Description
ABOUT IQ-EQ
We’re a leading Investor Services group offering end-to-end services in administration, accounting, reporting, regulatory and compliance needs of the investment sector worldwide.
We employ a global workforce of 5,800+ people across 25 jurisdictions and have assets under administration (AUA) exceeding US$750 billion. We work with 13 of the world’s top 15 private equity firms.
Our services are underpinned by a Group-wide commitment to ESG and best-in-class technology including a global data platform and innovative proprietary tools supported by in-house experts.
Above all, what makes us different is our people. Operating as trusted partners to our clients, we deliver intelligent solutions through a combination of technical expertise and strong relationships based on deep client understanding.
We’re driven by our Group purpose, to power people and possibilities.
Job Description
About the Role
We are looking for a DevOps Engineer to manage and support our production-grade Data Platform. Unlike standard cloud-native roles, this position is hands-on with Bare-Metal Kubernetes (K3s).
The role includes ownership of the full lifecycle of highly available k3s clusters, with responsibilities spanning from the OS layer (nftables, proxying) to the application layer. The on-premises infrastructure will be integrated with AWS and Azure to ensure secure, compliant, and high-performance operations for data engineering teams.
- You’ll manage and troubleshoot high‑availability bare‑metal K3s Kubernetes clusters with embedded etcd, including advanced networking using Flannel VXLAN, MetalLB, HAProxy, Keepalived, and Traefik Ingress.
- You’ll administer Longhorn distributed storage, handling replication, snapshots, and S3‑based disaster recovery, while supporting data platforms such as Dagster, PostgreSQL, Snowflake, and cloud storage (AWS S3, Azure Storage).
- You’ll design and operate secure hybrid identity and access solutions using Authentik with Azure AD (Entra ID), AWS IAM Roles Anywhere (X.509), and hardened application security via Nginx WAF and ModSecurity (OWASP CRS).
- You’ll maintain strong observability and SRE practices, including Prometheus, Headlamp, and CloudWatch, defining SLOs, leading blameless post‑mortems, and reducing operational toil through automation.
- You’ll implement GitOps-driven infrastructure and deployments using Helm and Gitea (integrated with Azure DevOps), while managing secrets encryption, proxy integrations, and secure, reliable infrastructure configurations.
What we offer
- Comprehensive remuneration: Competitive financial packages based upon market rates for your role, proportionate to your qualifications, level of experiences and skills profile
- Pension Scheme: Generous employer contribution with the ability to increase employee contributions
- Wellbeing: Additional social benefits such as medical insurance & life assurance, discounted gym memberships and the opportunity to engage with our local community via sports activities, charity programmes & environmental initiatives
- Flexible working: We recognise the value of working flexibly and enable our employees to enjoy an excellent work-life blend
- Support and development: We will ensure you have the right training, tools and development plan to grow and improve your skills every day.
Qualifications
- You have 4+ years of hands‑on experience managing bare‑metal or lightweight Kubernetes environments (K3s, RKE2, or vanilla K8s), including etcd troubleshooting, cluster backup and restore, Ingress controllers (Traefik preferred), and TLS termination.
- You possess strong Linux and networking expertise, covering nftables/iptables, VXLAN overlays, HAProxy and Keepalived VIPs, and operating within corporate proxy environments (NO_PROXY, certificates, DNS).
- You bring solid IAM and hybrid‑cloud experience, including OIDC/SAML authentication (Authentik, Keycloak, or similar), AWS IAM integration for on‑prem workloads, and ideally Azure AD enterprise applications and registrations.
- You have proven storage operations experience with container‑attached storage platforms such as Longhorn, Rook/Ceph, or OpenEBS, with a strong understanding of PVCs, StorageClasses, and volume snapshots.
- You demonstrate an SRE‑oriented mindset with automation skills (Python, Bash, or similar), exposure to data orchestration tools (Dagster or Airflow), Kubernetes security and WAF tuning, and ideally hold or are working toward CKA or CKS certification.
Additional Information
OUR COMMITMENT TO YOU AND THE ENVIRONMENT
As a forward-looking business, sustainability is integral to our strategy and operations. Our sustainability depends on us building and maintaining meaningful, long-term relationships with all our stakeholders – including our employees, clients, and local communities – while also reducing our impact on our natural environment.
There is always more we can, and should do, to improve – whether in relation to our people, our clients, our planet, or our governance. Our ongoing success as a business depends on our sustainability and agility in a changing and challenging global landscape. We’re committed to fostering an inclusive, equitable and diverse culture for our people, led by our Diversity, Equity, and Inclusion steering committee.
Our learning and development programmes and systems (including PowerU and MyCampus) enable us to invest in growing our employees’ careers, while our hybrid working approach supports our employees in achieving balance and flexibility while remaining connected to their colleagues. We want to empower our 5,500+ employees - from 94 nationalities, speaking 41 languages across 25 countries - to each achieve their potential. Through IQ-EQ Launchpad we support female managers launching their first fund, in an environment where only 15% of all private equity and venture capital firms are gender balanced.
We’re committed to growing long-term relationships with our clients and supporting them in achieving their objectives. We understand that our clients’ sustainability and success leads to our sustainability and success. We’re emotionally invested in our clients right from the beginning.
