Senior Platform Engineer

Senior Platform Engineer _ Jersey City, NJ(Locals only)h1b,h4eas,usc—12+years
Key Responsibilities
•    Design, build, and operate Envoy and Kong gateway infrastructure supporting production traffic across multiple lines of business
•    Develop Go-based control plane services, including ingress registry, xDS controllers, session management, and context propagation
•    Implement and maintain OPA (Open Policy Agent) policies for gateway-level authorization
•    Build and extend OpenTelemetry pipelines (OTel Collector, Dynatrace, Splunk SIEM integration)
•    Manage GitOps-based deployments using ArgoCD and Helm across multi-cluster Kubernetes environments
•    Automate WAF rule management across CDN platforms (Akamai, Cloudflare) using infrastructure-as-code approaches
•    Contribute to internal platform tooling and dashboards (TypeScript/React) for route management and observability
•    Partner with application teams to onboard services and migrate legacy ingress traffic
•    Participate in incident response, runbook development, and production readiness reviews
•    Promote engineering best practices including testing, code reviews, and observability-first design
Required Qualifications
•    Bachelor’s or master’s degree in computer science or related field (or equivalent experience)
•    8+ years of industry experience in platform, infrastructure, or backend engineering
•    5+ years of hands-on experience with:
•    Envoy Proxy (xDS/ADS, ext_authz, HTTP/2, gRPC, WebSocket) and/or
•    Kong API Gateway (plugin development, DB-less mode, Admin API)
•    Strong proficiency in Go (Golang), including concurrency patterns and distributed systems design
•    Deep experience with Kubernetes (EKS and/or on-prem):
•    Helm, HPA, PodDisruptionBudgets, NetworkPolicy, namespace isolation
•    GitOps workflows (ArgoCD)
•    Strong understanding of authentication & security protocols:
•    OAuth 2.0, OIDC, PKCE
•    mTLS, DPoP, session management patterns
•    Experience with Open Policy Agent (OPA) and Rego policy development
•    Hands-on experience with observability tooling:
•    OpenTelemetry (traces, metrics, logs)
•    Dynatrace and Splunk SIEM
•    Experience with data and messaging systems:
•    PostgreSQL (HA, pooling, PITR)
•    Kafka (MSK, Schema Registry, DLQ patterns)
•    Familiarity with:
•    CDN/WAF platforms (Akamai, Cloudflare)
•    DNS routing (GeoDNS, GTM, health checks)
•    TLS lifecycle management (cert-manager, KMS/HSM)
•    Strong foundation in networking (L3–L7), distributed systems, and algorithms
•    Proven experience building high-throughput, low-latency, resilient systems
Preferred Qualifications
•    Experience with TypeScript/React for internal tooling or dashboards
•    Strong background in AWS services (EKS, MSK, Lambda, Direct Connect, Network Firewall)
•    Familiarity with CI/CD pipelines (Bitbucket Pipelines, GitOps workflows)
•    Experience with Continuous Access Evaluation Protocol (CAEP) or similar session revocation systems
•    Background in identity platforms (ForgeRock, SAML, token exchange patterns)