We're building Keymate, a next-gen identity and access management platform designed around:

• Multi-tenant orchestration
• Event-driven enforcement pipelines
• Real-time observability across identity flows
• And a future-proof foundation for managed IAM services

We're looking for a DevOps Engineer who brings both infrastructure expertise and software architecture awareness to help us build and operate our platform at scale.

This is not a traditional DevOps role—this is product-centric DevOps engineering, tightly integrated with our platform design and development lifecycle.

To maintain our global agility, this role is opened as a B2B / Independent Contractor position. This allows us to work with the best talent regardless of their local labor laws, offering you a competitive international rate and the flexibility to manage your own workspace.

What You'll Do

• Design and operate Kubernetes-native microservices (Java/Quarkus, gRPC, Kafka, PostgreSQL, Infinispan)
• Maintain GitOps pipelines using ArgoCD and GitLab CI, aligned with GitFlow branching strategies
• Orchestrate multi-tenant environments with scoped isolation, resource quotas, and policy-bound namespaces
• Enable event-driven IAM flows by operating and monitoring Kafka pipelines and Access Gateway integrations
• Build and evolve observability stack using OpenTelemetry, SigNoz, and structured tracing
• Define infrastructure-level support for tenant provisioning, policy runtime environments, and token-based observability
• Collaborate with software architects to align infrastructure design with soft-tenant vs. hard-tenant boundaries for SaaS evolution
• Lead efforts for resilience, traceability, and rollout automation across environments

What We're Looking For

• 3+ years of hands-on DevOps experience in Kubernetes-native environments
• Proven ability to build and maintain GitOps workflows (ArgoCD, GitLab CI, Helm, Kustomize)
• Deep understanding of event-driven microservice orchestration, Kafka ops, and gRPC observability
• Experience aligning infrastructure with multi-tenant SaaS patterns (hard tenant, soft tenant, hybrid models)
• Proficiency in system design for DevOps—reliability, security, scalability, and traceability
• Infrastructure as Code mindset, scripting skills (Bash, Python), and config management best practices
• Comfort working in cross-functional engineering teams (backend, frontend, FGA, observability)

Nice to Have

• Familiarity with OpenFGA, Keycloak internals, or secure workload identity management
• Experience with APISIX, Istio/Envoy, or custom routing layers
• Background in distributed tracing, token lifecycle audit, and access event correlation
• Exposure to air-gapped, private VPC, or managed cloud service deployment strategies

What We Offer

• A DevOps role embedded into the core product architecture
• A chance to shape how real-time authorization, tenant isolation, and observability are engineered
• Collaboration with top-tier backend, FGAC, and policy engineering teams
• Fully remote and async-friendly culture
• Opportunity to define how IAM platforms are delivered and operated as next-gen managed services

Note: We're not just shipping YAMLs. You'll engineer IAM infrastructure as product, and design the systems that support real-time, multi-tenant, AI-aware IAM at scale.