👨🏻‍💻 postech.work

Senior Platform Engineer, Devops

Saviynt • 🌐 In Person

In Person Posted 1 week, 1 day ago

Job Description

Saviynt’s Enterprise Identity Cloud helps modern enterprises scale cloud initiatives and solve the toughest security and compliance challenges in record time. The company brings together identity governance (IGA), granular application access, cloud security, and Privileged Access Management(PAM) to secure the entire business ecosystem and provide a frictionless user experience. The world’s largest brands trust Saviynt to accelerate digital transformation, empower distributed workforces, and meet continuous compliance. We are a distributed global R\&D team that is extremely focused on building a platform that solves the toughest security and compliance challenges while helping Saviynt maintain its leadership position in delivering enterprise identity cloud solutions.

WHAT YOU WILL BE DOING

Design and Build Base Images for multiple runtimes (Java, Python, Node.js, Go, etc.)

Good understanding of multi-stage builds, distroless, caching, and minimal OS layers to reduce size and speed up builds

Use Cosign to sign and verify images, ensuring end-to-end supply chain trust

Strong understanding of security and compliance such as FIPS 140-2/3, CIS, STIG and NIST

Collaborate with Engineering, DevSecOps, Cloud Platform, and Security Compliance teams to align image contents with infrastructure, compliance, and runtime needs across all environments

Deep Linux expertise (Alpine, Ubuntu, RHEL etc…) , package management, and hardening knowledge to secure base layers

Build and manage automated image pipelines using GitLab CI

Maintain image governance through versioning, tagging, and lifecycle policies across internal and external registries

Distribute and manage images across AWS, Azure, and GCP registries with signature checks

Ensure base images are optimized for K8s workloads and integrate with Helm charts and DevOps pipelines

Embed image scanning and compliance checks using Amazon Inspector, MicroSoft Defender, Trivy, Grype etc.

Work closely with the ConMon (Continuous Monitoring) team to share vulnerability results, apply fixes and maintain false positives dashboards

WHAT YOU BRING

Expert in Docker, Linux, and container image optimization

Hands-on with Cosign, Sigstore, and container supply chain security

Strong understanding of DevOps, Kubernetes, and multi-cloud ecosystems

Familiar with FIPS, CIS, FedRAMP, and NIST compliance frameworks

Skilled in Bash or Python scripting for automation

Get job updates in your inbox

Subscribe to our newsletter and stay updated with the best job opportunities.