Lead DevOps Engineer at Elliptic

Do you thrive in a fast-paced setting where you can shape DevOps culture, drive automation, and deliver real impact across engineering teams? Elliptic is seeking a Lead DevOps Engineer to define and execute our next-generation platform vision. You will guide a growing team of DevOps engineers to deliver automation, scalability, security, and operational excellence across our multi-site Kubernetes infrastructure. We’re looking for a hands-on leader, someone who can balance deep technical expertise with people leadership, operational strategy, and continuous improvement. You will partner closely with Engineering, Security, and Data teams to create a culture of reliability, shared ownership, and constant innovation. The impact you will have: You’ll set the technical and cultural direction for DevOps at Elliptic, aligning our infrastructure strategy with company goals. You’ll scale our engineering platforms globally, evolve our reliability posture, and mentor a skilled team that’s trusted to run high-availability production systems supporting mission-critical workloads. You’ll be the bridge between executive direction and technical delivery, ensuring our systems are both high-performing today and ready for what’s next. What you will do: - Own, build, and evolve the DevOps and Platform Engineering roadmap, defining the technical backbone for automation, scaling, and multi‑tenant Kubernetes‑based IDP. - Lead, by doing, engineering, reviewing, and improving Kubernetes and CNCF‑aligned infrastructure daily, setting the technical benchmark for excellence - Architect and operate multi‑cluster, multi‑region Kubernetes environments using tooling such as Istio/Linkerd (service mesh federation), Cluster API (lifecycle management), and Kyverno (policy as code). - Design and deploy progressive delivery frameworks with Flux and Flagger for GitOps‑driven releases, canary and A/B deployments, and automated rollout health‑checks - Implement modern infrastructure provisioning via controllers such as Crossplane and ACK for Kubernetes‑native integration between cloud infrastructure and application delivery. - Define and enforce Zero Trust architecture, implementing network and identity hardening through HashiCorp Vault (secrets management), Boundary (access broker), service identity, and secure service mesh mTLS. - Engineer policy‑driven automation and compliance frameworks, leveraging OPA, Kyverno, and secure supply chain and runtime configurations. - Develop and maintain IaC and GitOps standards and introduce automated testing for every infrastructure change. - Prototype and integrate agentic infrastructure components, including Agentic deployment and observability platforms within Kubernetes service meshes. - Design and integrate AI Gateways and Registries that route traffic and events between microservices and autonomous agents through CNCF Gateway API constructs. - Champion DevSecOps maturity and experimentation, embedding SAST/DAST, chaos engineering, and error budget tracking to drive continuous improvement. - Collaborate cross‑functionally with Security, Data, and AI engineering to shape the intersection of DevOps and agentic AI platform architectures for high‑integrity, regulatory‑compliant operations - Continuously research and adopt emerging CNCF and AI ecosystem advancements, from eBPF observability to agent‑aware orchestration, to keep Elliptic at the forefront of DevOps innovation. You will be a great fit here if you: - Have a passion for building reliable, secure, and scalable systems, and leading others to do the same - Thrive on setting strategy and rolling up your sleeves to implement it - Are driven by a strong customer and product focus - Embrace ownership and decision-making in fast-moving environments - Want to build high-performing, autonomous teams and shape DevOps culture at scale - Align technical leadership with business outcomes - Are transparent, collaborative, and committed to learning and improvement Our ideal candidate has production experience with most of the following: - Platform as Product expertise, defining vision, roadmaps, and user research loops for internal developer platforms (IDPs). - Deep Kubernetes expertise including full cluster lifecycle management, API extension, custom Operator development, Helm charts, and working across the CNCF ecosystem (addons such as Cilium, ExternalDNS, Kyverno, Gatekeeper). - Designing and operating multi‑cluster, multi‑region Kubernetes deployments with service meshes (Istio, Consul, Linkerd) and policy‑based workload placement. - Advanced networking — service mesh federation, mTLS at scale, and eBPF/Cilium observability tracing. - Writing Infrastructure‑as‑Code using Terraform against AWS / GCP, with modular architectures, state segmentation, GitOps integration, automated testing (Terratest/InSpec), and controlled version promotion. - Provisioning and governing cloud resources using Kubernetes‑native controllers such as Crossplane, ACK, or KRO, aligning infrastructure and application delivery. - Implementing GitOps pipelines with ArgoCD or FluxCD, enabling progressive delivery, automated drift correction, and multi‑environment deployments. - Building cloud‑native container, serverless, and event‑driven systems grounded in observability and resilience, with tracing, metrics, and logs correlated through DataDog, Splunk, or OpenTelemetry. - Managing platform security through Vault‑based secret management, least‑privilege access with HashiCorp Boundary or AWS IAM policies, and compliance automation. - Establishing robust CI/CD architectures integrating SAST/DAST, policy enforcement, and cost / performance telemetry. - Applying SLOs, error budgets, and chaos engineering to continuously improve reliability and service quality. - Leading DevOps culture initiatives, building self‑service developer platforms, defining golden paths, and coaching teams in platform‑driven delivery. Bonus Points for experience with: - Leadership of platform modernisation or reliability programs in scale-up or regulated environments - Production experience with Kubernetes Operator development and CRD lifecycle automation - Implementation or design experience with eBPF, service mesh federation, and Cilium‑based tracing for network and security observability. - Policy‑as‑code and governance automation using OPA / Kyverno, tied into Secure Supply Chain or CSPM frameworks. - Hands‑on exposure to AI‑driven internal developer platforms, integrating telemetry and observability powered by AI or LLMs for predictive insights and adaptive remediation - Experience architecting agentic infrastructures, including observability pipelines and experimentation frameworks for AI agents - Familiarity with MCP and A2A orchestration patterns running on Kubernetes, enabling agents to communicate through secure service meshes - Working knowledge of Agent Gateways and Registries, bridging microservices and AI agents through Gateway API and service mesh constructs - Experience experimenting with secure containers, sandboxing, and confidential computing for blockchain or regulated workloads. - Experience with data-oriented workloads, spark, Databricks, or Data Mesh - Programming proficiency in Go, Python, or TypeScript - Open‑source contributions or community leadership in CNCF‑related projects. JOB BENEFITS > How we work: - Hybrid working and the option to work from almost anywhere for up to 90 days per year - £500 Remote working budget to set up your home office space > Learning & Development: - $1,000 Learning & Development budget to use on anything (agreed with your manager) that contributes to your growth and development > Vacation/ Leave: - Holidays: 25 days of annual leave + bank holidays - An extra day for your birthday - Enhanced parental leave: we provide eligible employees, regardless of gender or whether they become a parent by birth or adoption, 16 weeks fully-paid leave and leave. > Benefits: - Private Health Insurance - we use Vitality! - Full access to Spill Mental Health Support - Life Assurance: we hope you will never need this - but our cover is for 4 times your salary to your beneficiaries - £100 Crypto for you! - Cycle to Work Scheme We know Diversity and Inclusion is much deeper than just hiring, but it’s important for us to mention it here. We welcome and embrace individuals of all backgrounds and identities at Elliptic, and this is an ongoing priority for us. We know incredible people don’t all think in the same way. We want to be challenged every day. We believe our diverse team of individuals underpins this by bringing creative thinking and innovation to Elliptic every day. We are committed to creating a diverse, inclusive and equitable workplace, so we welcome applications from everyone, even if you may not think you fit all of the requirements of our roles. We foster an environment of psychological safety, where everyone feels comfortable to bring their whole self to work.