Kubernetes Engineer - Remote Work

Distinguished Engineer (L7) – DevOps

HeyDonto builds reliable data pipelines that connect fragmented healthcare platforms to modern APIs.

We synchronize and standardize data from both on-premise and cloud-based EHR systems into clean, interoperable formats.

Our mission is simple : make healthcare data work the way software should — predictably, securely, and without silos.

As a Distinguished Engineer (L7) in the DevOps Tribe, you'll define and evolve the infrastructure that powers HeyDonto's ecosystem—from Kubernetes clusters and Terraform modules to developer tooling and multi-environment automation. You'll lead through technical depth, setting standards for reproducibility, reliability, and cloud portability across every environment.

Architect and evolve multi-environment infrastructure across GKE, CloudSQL, Confluent, Temporal, and Cloudflare, encoded in reusable Terraform modules and remote state.

Lead deployment automation strategy —CLI orchestration and Helm releases—to keep clusters converged deterministically across environments.

Design and enforce the secrets lifecycle integrating Terraform outputs, SOPS, and 1Password for secure, auditable rotation and distribution.

Define and implement automated drift detection, IAM regression suites, and compliance guardrails for infrastructure reliability.

Own the CUE-based configuration system that exports Compose stacks, environment templates, secrets, and Helm values through just export-cue.

Shape environment parity and portability —abstract provider specifics behind clear interfaces (DNS, storage, ingress, identity) to reduce lock-in and enable repeatable deployments across clouds

Establish portable identity patterns (OIDC, workload identity, least-privilege IAM mappings) that translate across providers.

Mentor senior engineers , codify expectations in documentation and tooling, and steward technical decisions across tribes.

TypeScript, Python, Bash

Infrastructure : Terraform (multi-provider), Helm, Kubernetes (GKE primary; portable to other managed K8s), Temporal Cloud, Confluent Cloud, Cloudflare

Cloud-Agnostic Interfaces : Configuration : CUE, Just, Docker Compose, SOPS, 1Password, env templates

Node CLI, uv, Yarn, gcloud, kubectl

Grafana, Prometheus, vendor-neutral OTel pipelines

CI / CD : GitHub Actions, Conventional Commits, automated drift and policy checks

Documentation and tooling as part of engineering craft.

Reliability as the ultimate measure of quality.

Proven expertise with Terraform module design (multi-provider), Kubernetes / Helm operations, and environment automation.

~ Proficiency in Python, Node.js, and Bash for automation and operational tooling.

~ Strong understanding of Kafka, Temporal, and distributed workflow systems.

~ Track record of leading through influence—setting technical standards, mentoring seniors, and driving architectural coherence.

Experience designing and implementing solutions across multiple cloud providers (e.g., AWS, GCP, Azure) to ensure resilience and avoid vendor lock-in.

Hands-on experience with OpenTelemetry rollouts to build a unified observability platform, helping proactively identify and resolve performance bottlenecks.

Solid understanding of Kubernetes networking , especially configuring Ingress controllers and managing traffic flow.

Familiarity with CUE or similar declarative configuration frameworks.

Open-source contributions or published writing that demonstrates passion for systems thinking and quality craftsmanship.

HeyDonto is a place where senior engineers work at depth. Work Type : Hybrid

If you are interested in applying, please send your English Resume through LinkedIn or send it to maria@heydonto.