Company Overview:

Lean Tech is a rapidly expanding organization situated in Medellín, Colombia. We pride ourselves on possessing one of the most influential networks within software development and IT services for the entertainment, financial, and logistics sectors. Our corporate projections offer a multitude of opportunities for professionals to elevate their careers and experience substantial growth. Joining our team means engaging with expansive engineering teams across Latin America and the United States, contributing to cutting-edge developments in multiple industries.

Position Title: Senior DevOps Engineer

Location: Remote - Colombia and Mexico

What you will be doing:

The DevOps Engineer is responsible for designing, implementing, and maintaining AWS cloud infrastructure, deployment automation, CI/CD pipelines, and operational reliability capabilities supporting the NexusNow multi-tenant SaaS hosting platform and its expanding product portfolio (such as Sentinel, DRIFT, Line Boss / xPlorate, and VELMA / Legal). This role will work closely with engineering, architecture, and operations teams to improve multi-tenant deployment velocity, infrastructure scalability, platform observability, and rigid tenant isolation safety boundaries.

The ideal candidate combines strong AWS infrastructure expertise with hands-on operational support experience within a shared SaaS platform model and exhibits a practical automation mindset.

Key Responsibilities

• Design, configure, and manage high-availability AWS cloud infrastructure (VPC layouts spanning 3 AZs with segregated public, application, and data tiers) using Infrastructure-as-Code (IaC) best practices.

• Build and maintain scalable CI/CD pipelines supporting automated multi-tenant deployment workflows and immutable release paths.

• Configure and manage AWS networking, egress-only NAT gateways, private EKS API endpoints, identity/access management (CASL architecture), and environment configuration.

• Support AWS deployment automation, logging, alerting, and operational readiness, explicitly monitoring threat vectors emitted to Amazon CloudWatch and CloudTrail.

• Partner with engineering teams to optimize the velocity and stability of application onboarding cycles (e.g., standardizing patterns learned during the VELMA / Legal launch).

• Troubleshoot complex infrastructure, deployment, cross-tier networking, and multi-tenant isolation configuration anomalies.

• Support automated data protection operations, verifying 30-day credential rotations via AWS Secrets Manager and automated snapshots within an isolated AWS Backup vault.

• Contribute to core platform standards, compiling detailed operational runbooks to convert tribal knowledge into repeatable assets.

• Participate in agile ceremonies including standups, backlog refinement, and retrospectives.

• Enforce security and compliance requirements (e.g., SOC2 metrics) across all staging, performance, and production environments.

Required Skills & Experience

• Extensive (5+ years) hands-on experience in engineering, scaling, and debugging enterprise AWS infrastructure platforms.

• Deep expertise with AWS CDK, Terraform, or CloudFormation templates, with a mandatory emphasis on using CDK to maintain modular cloud architectures.

• Advanced experience building and maintaining automated deployment code workflows (specifically via GitHub Actions).

• Mastery across AWS services powering multi-tenant frameworks, explicitly including: Amazon Cognito (multi-pool structures), Amazon Aurora PostgreSQL, Redis/ElastiCache, Amazon S3, CloudFront/AWS WAF, CloudWatch, EventBridge/SQS/Step Functions, and AWS Secrets Manager.

• Solid understanding of multi-tenant security strategies, policy-based access layers (RBAC/ABAC), and network boundary definitions.

• Experience tracing and debugging errors across heavily decoupled cloud systems and microservices.

Nice to Have Skills

• Experience in engineering enterprise-scale multi-tenant SaaS cloud platform hosting models.

• Experience supporting containerized and serverless AWS workloads, with emphasis on Amazon EKS on Fargate running inside isolated private subnets.

• Prior exposure to developer enablement practices and building automated onboarding templates to abstract platform complexity.

• Experience maintaining infrastructure inside tightly audited, regulated, or security-sensitive environments (SOC2 alignment).

Soft Skills

• The ability to understand the daily frustrations of application development teams and approach infrastructure as a service that enables—rather than blocks—their engineering velocity.

• Maintains extreme clarity, calm focus, and structured communication during high-pressure platform outages or deployment rollbacks before escalating to Slalom’s Incident Command.

• Possesses the open, friction-free communication style needed to pair directly with the Brazil team (OE) to absorb complex cloud infrastructure topologies and code patterns.