• Implementing and maintaining Application Security Testing (AST) tools (SAST, DAST, IAST, SCA, etc.) to identify vulnerabilities and configuration issues during the software development lifecycle. • Implementing and maintaining tools (such as Application Security Posture Management / ASPM) to centralize and deduplicate findings from multiple solutions and integrate reporting into software development workflows. • Integrating security tooling with large-scale enterprise CI/CD pipelines. • Building and managing tooling and processes to drive efficient DevSecOps and Application Security (AppSec) operations.

• Work closely with UX and AI engineers to build and integrate production-ready, containerized applications in a shared cloud environment. • Implement and manage CI/CD pipelines for AI applications, ensuring reliability, scalability, and performance. • Partner with security and compliance teams to implement best practices, including role-based access control and vulnerability management. • Collaborate with the development team to diagnose and resolve complex issues across development and production environments. • Evaluate and integrate modern DevOps and Observability tools to enhance insights into our AI-powered applications. • Contribute to and uphold best practices for DevOps, InfoSec, and Infrastructure within the global team.

Role Description We are seeking a FinOps & DevOps Engineer to drive cloud cost efficiency, automation, and governance across diverse multi-cloud environments (AWS, Azure, and GCP). This role is central to enhancing cost visibility, accountability, and optimization while implementing automation and DevOps best practices across major public cloud platforms. You will collaborate with cloud engineering and finance stakeholders to standardize tagging, build dashboards, develop automated workflows, and advance FinOps as a Service — integrating cloud cost management, CI/CD automation, and cost tracking to achieve operational excellence and financial transparency. Key Responsibilities - Cost Visibility & Allocation - Develop and maintain cost allocation, budgeting, and chargeback models across cloud accounts (AWS, Azure, GCP). - Implement and enforce tagging and resource hierarchy standards, ensuring >90% coverage for cost-critical tags (e.g., Application, Environment, Cost Center). - Build and publish cost visibility dashboards and reports using Power BI, QuickSight, Looker, or other FinOps tooling. - Support unified multi-cloud cost reporting and forecasting for engineering and finance teams. - Optimization & Engineering - Execute rightsizing, scheduling, and lifecycle management of cloud resources across AWS, Azure, and GCP (EC2, VM, GCE, RDS, S3, Storage, Networking). - Manage and optimize Reservations, Savings Plans, Committed Use Discounts (CUDs), and licensing benefits (BYOL, AHB). - Implement policy-as-code and governance using tools like Terraform, AWS Config, Azure Policy, or GCP Organization Policies. - Participate in anomaly detection, spend forecasting, and automation of remediation workflows. - Contribute to CI/CD pipeline management, infrastructure automation, and GitOps practices using Azure DevOps, GitHub Actions, AWS CodePipeline, or Google Cloud Build. - Operate & Partner - Provide actionable insights in monthly cost and performance reviews with engineering and product stakeholders. - Partner with Finance and Procurement teams on budgeting, forecasting, and billing validation. - Collaborate with SRE and Platform teams to balance cost efficiency, performance, and reliability. - Maintain operational hygiene through scripting, compliance audits, and automation. Core Tech Stack - Cost & Governance: AWS Cost Explorer, Budgets, and Config; Azure Cost Management + Billing; GCP Billing Reports; FinOps tools such as Apptio Cloudability, CloudHealth, Kubecost, or Harness CCM. - Observability & Data: CloudWatch, Azure Monitor, Stackdriver, Log Analytics, Power BI, QuickSight, Looker. - Infrastructure as Code & Automation: Terraform, CloudFormation, Bicep, Deployment Manager, Azure DevOps, GitHub Actions, AWS CodePipeline, GCP Cloud Build, Ansible, PowerShell, Python. - Cloud Services Exposure: - AWS: EC2, RDS, S3, Lambda, EKS, CloudWatch. - Azure: VMs, App Services, Storage, Azure SQL, AKS, Databricks. - GCP: Compute Engine, Cloud Storage, BigQuery, Cloud Functions, GKE. Qualifications - 3–6 years of experience in Cloud Engineering, Platform Operations, DevOps, or SRE, with 1–2 years in FinOps or Cloud Cost Optimization. - Hands-on experience with two or more major public clouds (AWS, Azure, GCP). - Proven skills in tagging strategy, cost reporting, and optimization techniques. - Familiarity with Reservations, Savings Plans, Committed Use Discounts, and rightsizing. - Experience with data visualization and reporting tools (Power BI, QuickSight, Looker). - Scripting proficiency (PowerShell, Python, or similar). - Exposure to Infrastructure as Code tools (Terraform, CloudFormation, Bicep) and DevOps automation. - Preferred Certifications: FinOps Certified Practitioner, AWS Solutions Architect – Associate, AZ-104, Google Cloud Engineer, or equivalent. Top Expectations for an L2 Engineer - Execute tagging, cost optimization, and reporting activities under senior guidance. - Maintain accurate dashboards and deliver actionable cost insights. - Assist in implementing automation scripts, policy-as-code, and optimization playbooks. - Drive cost-awareness and accountability across engineering teams. - Contribute to SOPs and operational documentation. Sample KPIs / OKRs - Achieve 10–15% cost savings across assigned workloads. - Maintain RI/SP/CUD coverage ≥ 60% with optimal utilization. - Sustain ≥ 90% tagging compliance. - Respond to cost anomaly alerts within defined SLAs. Nice-to-Haves - Experience with multi-account, multi-project chargeback/showback models. - Exposure to hybrid environments or container platforms (VMware, Kubernetes). - Understanding of enterprise billing structures and consolidated invoicing models.

• Design and maintain GitHub Actions reusable workflows across a multi-repository ecosystem • Own GitOps deployments through ArgoCD, including promotion workflows, sync policies, drift detection, and automated rollback strategies • Implement deployment safety mechanisms such as environment protections, concurrency rules, and verification gates • Operate and manage Kubernetes clusters in Azure (AKS), including scaling strategies, networking configuration, and cluster upgrades • Maintain Terraform-driven infrastructure and enforce PR-driven workflows through Atlantis • Define and maintain SLOs, SLIs, alerting rules, and monitoring dashboards across platform services • Lead incident response, coordinate recovery efforts, and execute structured post-incident reviews • Participate in an on-call rotation and contribute to improving operational processes • Operate and manage secrets using Vault or Azure Key Vault, including access policies and secure integration with workloads • Implement supply-chain security controls, including Trivy scanning, Cosign signing, SBOM generation, and OPA/Gatekeeper enforcement • Partner with Security Engineering on network policies, egress controls, and compliance standards • Automate repetitive tasks and maintain proactive runbooks to reduce operational risk • Use AI tools to improve infrastructure automation, documentation, and deployment safety validation • Collaborate with product teams to strengthen SLOs and deployment safety practices • Challenge technical assumptions and advocate for scalable, secure DevOps architectures