Infrastructure / Site Reliability Engineer (SRE) Bank-Grade Cloud Infrastructure & Platform Reliability Location: US-based (Remote friendly) Experience: Senior-level preferred (5–10+ years) Company: Stablecore About Stablecore Stablecore is building the digital-asset side-core for banks. We help regulated financial institutions safely launch and operate crypto-native products, stablecoins, tokenized deposits, custody, and on-chain payments, while integrating directly with their existing banking cores and compliance frameworks. Our customers are banks. Our counterparts are regulators. Our systems must be correct, auditable, resilient, and secure by default. Role Overview We are looking for an Infrastructure / SRE Engineer to design, operate, and harden the cloud and platform foundations that Stablecore runs on. This role owns reliability, security posture, deployment safety, and operational maturity across a multi-region, bank-grade environment. You will work closely with backend engineers, security, and compliance to ensure that the systems moving real money remain available, correct, and defensible under audit. This is not “keep the lights on” IT. You’ll be building and operating infrastructure that regulators, bank risk teams, and third-party auditors scrutinize in detail. What You’ll Work On - Design and operate multi-region AWS infrastructure with strong isolation and failure boundaries - Own production EKS clusters (multi-region, multi-AZ) including: - Cluster lifecycle, upgrades, and node management - Network policies, ingress/egress, and service isolation - Operate Aurora PostgreSQL (Global Database): - Writer / reader topology - Cross-region replication, failover, and DR testing - Build and maintain CI/CD pipelines in GitLab: - Secure build pipelines - Environment promotion and deployment safety - Artifact integrity and traceability - Manage container supply chain security using Harbor: - Image scanning - Provenance and access control - Operate identity and access control via Keycloak: - Realm design and lifecycle - Integration with internal services and gateways - Design and maintain Cloudflare protections: - WAF, rate limiting, bot protection - Zero Trust access patterns - Implement observability, alerting, and incident response: - Metrics, logs, traces - On-call readiness and runbooks - Partner with security and compliance teams on: - SOC 2 / ISO / bank TPRM requirements - Evidence generation and audit readiness - Participate in architecture decisions around: - Multi-tenancy vs isolation - Blast-radius reduction - Availability vs consistency tradeoffs Technical Stack - Cloud: AWS (EKS, Aurora Global, IAM, KMS, VPC, networking) - CI/CD: GitLab - Edge & Security: Cloudflare - Identity: Keycloak - Container Registry: Harbor - Platform: Kubernetes - Observability: Metrics, logs, tracing (tool-agnostic, but production-grade) What We’re Looking For - Strong experience operating production AWS infrastructure at scale - Deep hands-on experience with Kubernetes / EKS - Experience running PostgreSQL or Aurora in high-availability, regulated environments - Comfort owning production reliability, including on-call and incident response - Strong security instincts around: - IAM and least privilege - Network boundaries - Secrets management - Experience designing systems that survive audits, failures, and human error - Clear communication and calm judgment during incidents Nice to Have - Experience supporting fintech, banking, or regulated platforms - Prior exposure to SOC 2, ISO 27001, FFIEC, or bank TPRM processes - Experience with multi-region DR testing and failover exercises - Familiarity with GitOps or infrastructure-as-code patterns - Experience supporting platforms that move money or other irreversible assets Why This Role Is Interesting - You’ll build infrastructure that banks trust with real money - Reliability, security, and correctness actually matter here - Problems are concrete, high-stakes, and non-theoretical - Close collaboration with backend, security, and compliance teams - Opportunity to shape foundational platform decisions early