The Role Fexco's Platform & Infrastructure Engineering teams build and run the shared services the wider engineering organisation depends on, the paved roads that let engineering teams ship product without infrastructure becoming a bottleneck.
Submit your CV and any additional required information after you have read this description by clicking on the application button.
We work primarily in Azure, write Terraform, operate Kubernetes, and build the self-service tooling that ties our service catalog together.
Fexco's principle is, you build it, you own it.
Platform provides the paved roads, application teams own their applications.
Fexco thinks IaC first.
If your instinct is to click through a console to fix something, this is not the role for you.
As a Senior Platform Engineer, you will contribute to the design of major components of the service catalog: the multi-tenant Kubernetes platform, the new IDP capability, and the cloud networking, identity, and policy-as-code that underpin the services this team offers.
You will partner with architecture, security, and engineering leadership to shape how Fexco delivers software.
You will mentor mid-level and junior engineers, set technical standards, and raise the bar across the team.
This is a Platform Engineering role, not DevOps Application teams own their own pipelines and deployments.
Your focus is the shared services, tooling, and infrastructure they run on.
Core Responsibilities Own the teams designs and deliverables for major platform initiatives, from brief to production, with minimal oversight.
Design and evolve Fexcos multi-tenant Kubernetes platform on AKS: tenancy model, upgrade strategy, operator ecosystem, service mesh integration.
Design new services for the catalog and define the developer-facing interfaces and contracts application teams consume.
Contribute to networking and zero-trust architecture: network policies, identity, policy-as-code, segmentation.
Architect Terraform module hierarchies and set code review and IaC standards for the team.
Partner on architecture with various teams on cross-team initiatives.
Mentor Junior and Mid engineers; raise the technical bar through reviews, pairing, and standards.
Contribute to platform strategy and the technical roadmap.
Share on-call duties and lead incident response when platform systems are involved.
Essential Skills Cloud Deep production experience on a major public cloud.
Azure is preferred; AWS or GCP experience is also fine.
Strong grasp of cloud networking: hub-and-spoke topologies, peering, Private Link and Private Endpoint, egress controls.
Solid understanding of cloud identity: managed identities, workload identity, federated credentials.
Kubernetes Has designed and operated multi-tenant Kubernetes platforms at scale, or equivalent experience designing similar platforms: upgrade strategy, operator ecosystem, tenancy model, noisy-neighbour handling.
Production experience with the broader ecosystem: GitOps (ArgoCD), service mesh (Istio or similar), ingress (Traefik, NGINX), policy (Kyverno, OPA) or equivalent skills.
Infrastructure as Code and Automation Terraform is your main tool.
You design module hierarchies, not just write modules.
Fluent in Python for platform tooling.
You treat platform code as software, with tests, CI, and reviews.
Experience with image and artefact pipelines (Packer, OCI, supply-chain signing).
Networking and Security Deep TCP/IP, DNS, TLS, and L2 to L7 knowledge.
Hands-on with zero-trust patterns, SAML, OIDC, and service identity.
Comfortable working in regulated environments (PCI-DSS, ISO 27001) and making compliance-aware design decisions.
CI/CD and Delivery Built production-grade GitLab (or equivalent) pipelines and understand what makes them good.
GitOps is how you think about delivery; you have operated ArgoCD or equivalent in anger.
Observability Grafana, Prometheus, and a modern tracing stack in production, or equivalent tooling.
Dashboards and alerts that reflect SLOs, not noise.
Leadership and Communication Writes architectural documents that become team references.
Mentors juniors and mid-levels effectively, raise the bar through review, not gate keeping.
Comfortable pushing back with reasoning and partnering with architecture, security, and product leadership.
Mindset Infrastructure as Code first.
Design-led.
You care about the shape of the problem, not just the code.
Product-minded.
The platform is a product, its users are engineers.
Nice to Have Kubernetes CKA or CKS certification.
Cloud certifications: Azure is preferred but AWS or GCP certifications are also welcome.
Experience in financial services or other regulated environments.
Familiarity with eBPF, Cilium, or Hubble.
Experience with secrets management (Vault, cloud-native KMS).
Public platform engineering presence (blog posts, conference talks, upstream contribution).
What Good Looks Like in Year One Led design on at least one major platform initiative from brief to production.
Raised the technical bar across Platform team through documented standards, mentoring, and design reviews.
Partnered effectively with architecture and security on cross-cutting platform decisions.
Built operational credibility through incident leadership and reliability improvements.
Note on Travel This role requires occasional travel to our Kerry office for team meetings and collaboration. xsokbrc
While day-to-day work can be hybrid, you need to be willing to travel to Kerry when needed.