SonicJobs Logo
Left arrow iconBack to search

DevOps Engineer

Bolt Graphics
Posted a month ago, valid for 24 days
Location

Sunnyvale, CA 94086, US

Salary

$220,000 - $250,000 per year

Contract type

Full Time

By applying, a Sonicjobs account will be created for you. Sonicjobs's Privacy Policy and Terms & Conditions will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.

Sonic Summary

info
  • We are seeking an experienced RTL Design Tech Lead to oversee micro-architecture and RTL development for complex ASIC/SoC programs.
  • The ideal candidate should have at least 10 years of experience in ASIC/SoC RTL design and possess strong leadership and technical skills.
  • This role requires an individual contributor who can also mentor a team of RTL engineers and ensure high-quality design execution.
  • The position is on-site, requiring presence in the office five days a week, with no hybrid options available.
  • The compensation for this role ranges from $220,000 to $250,000 per year, depending on qualifications and experience.

About the role:

We're hiring a DevOps Engineer to own our GitLab-based delivery platform end to end: the pipelines, the runners, the cloud integrations, and the on-prem infrastructure behind them. You'll work across AWS, Azure, and Proxmox, partnering with developers, security, and product to keep code moving from commit to production quickly and safely. 

Your first big project is leading our GitHub-to-GitLab migration, working with stakeholders across the company to make sure the new platform fits how teams actually work. Once that lands, you'll shift into the ongoing platform work below. 


We currently do not offer sponsorship or relocation for this role.


What you'll do:

  • Initial Focus: GitHub-to-GitLab Migration (1–3 Months) 

A defined, time-bound project. Once it's done and the dust settles, these duties wind down. 

  • Migrate repos, history, branches, tags, LFS, releases, packages, issues, PRs/MRs, and CI config from GitHub to GitLab using GitLab Importer, git filter-repo, and custom tooling where needed. 
  • Translate GitHub Actions into GitLab CI/CD: reusable workflows into CI components/templates, matrix strategies, environments, OIDC, and self-hosted runner equivalents. 
  • Map GitHub constructs (branch protections, CODEOWNERS, status checks, secrets, orgs/teams) to their GitLab equivalents and resolve the gaps with stakeholders. 
  • Plan the cutover (big-bang vs. phased), run mirrors during transition, and verify parity before retiring GitHub assets. 
  • Partner with app teams, security, compliance, and release managers to align the migration with how each team works today and where they need to land. Own the runbook and run enablement sessions. 

Ongoing Responsibilities 

Pipelines & Releases 

  • Build and maintain GitLab CI/CD pipelines: multi-stage workflows, parent/child pipelines, reusable CI components, and matrix builds. 
  • Run and scale GitLab Runners on Kubernetes, AWS, Azure, and Proxmox, including executor tuning, tagging, and cache/artifact strategy. 
  • Ship via blue/green, canary, and rolling deployments with feature flags and automated rollback. 
  • Manage release governance: protected branches/tags, MR approvals, CODEOWNERS, environment-scoped variables, and audit-ready change records. 

Cloud Integrations (AWS / Azure) 

  • Wire GitLab pipelines into AWS (ECR, EKS/ECS/Fargate, Lambda, S3, RDS, CloudFormation/CDK) and Azure (ACR, AKS, Functions, App Service, ARM/Bicep). 
  • Set up OIDC federation so pipelines assume short-lived cloud roles instead of using long-lived keys or secrets. 
  • Integrate with AWS Secrets Manager / Azure Key Vault, CloudWatch / Azure Monitor, and policy engines (AWS Config, Azure Policy). 
  • Feed GitLab security scan results into AWS Security Hub or Microsoft Defender for Cloud. 

Virtualization (Proxmox) 

  • Operate Proxmox VE clusters: nodes, storage (ZFS, Ceph, NFS), networking (bridges, VLANs, SDN), HA, and Proxmox Backup Server. 
  • Provision VMs and LXC containers as code with Terraform (Telmate or bpg/proxmox), Packer templates, and cloud-init. 
  • Use Proxmox for self-hosted runners, ephemeral build agents, and dev/staging environments. Keep parity with the cloud side so pipelines behave the same in both. 

Infrastructure as Code 

  • Build infrastructure with Terraform/OpenTofu: reusable modules, remote state, workspaces, and policy-as-code (OPA or Sentinel). 
  • Run Kubernetes (EKS, AKS, or self-managed on Proxmox) with Helm and Kustomize. 
  • Use Ansible (or Puppet/Chef) for configuration; Packer for golden images across AWS, Azure, and Proxmox. 
  • Implement GitOps with Argo CD, Flux, or GitLab's Kubernetes Agent. 

Security 

  • Tune GitLab security scanners (SAST, DAST, dependency, container, IaC, secret detection, license compliance) and triage findings with the relevant teams. 
  • Manage secrets with Vault, AWS Secrets Manager, Azure Key Vault, or GitLab CI variables; default to OIDC over long-lived credentials. 
  • Apply least-privilege IAM, signed artifacts (Cosign/Sigstore), SBOMs, and image hardening. 

Monitoring & Operations 

  • Instrument systems with Prometheus, Grafana, Loki, OpenTelemetry, CloudWatch, Azure Monitor, or Datadog. 
  • Build dashboards and alerts, investigate incidents, and run postmortems on pipeline and deployment failures. 
  • Support testing, staging, and production: drift detection, capacity planning, and performance tuning. 

Collaboration 

  • Write the docs, runbooks, and ADRs. Build reusable pipeline templates so teams can self-serve. 
  • Work with developers, QA, security, and product to clear bottlenecks and make delivery feel easier. 

Required Qualifications:

  • 3–5 years in DevOps, Platform, or Build/Release Engineering. 
  • GitLab in production: .gitlab-ci.yml, runners, container registry, MR workflows, protected environments. Comfortable with GitLab Flow or trunk-based development. 
  • GitHub-to-GitLab migration experience, or a comparable platform migration (Bitbucket to GitLab, Jenkins to GitLab CI, Azure DevOps to GitLab). You've moved repos, translated pipelines, and kept stakeholders aligned through it. 
  • Working knowledge of GitHub and GitHub Actions to translate what's already there. 
  • Real CI/CD ownership in production. 
  • Deploying into AWS and/or Azure from CI/CD, including OIDC, IAM/RBAC, and core services (compute, networking, storage, managed DBs, container registries, Kubernetes). 
  • Proxmox VE or a comparable virtualization platform (vSphere, Nutanix, KVM/libvirt). 
  • Bash plus one of Python, Go, or Ruby
  • Docker and Kubernetes (Deployments, Services, RBAC, Helm). 
  • Terraform with cloud and Proxmox providers. 
  • Solid Linux and networking fundamentals (systemd, TLS, DNS, HTTP, VLANs, load balancing). 
  • Comfortable with the messy parts of Git: rebases, conflict resolution, history rewriting. 
  • Good at troubleshooting, better at explaining tradeoffs to people with competing priorities. 

Preferred Qualifications:

  • Prior lead role on a source control or CI platform migration. 
  • GitLab certifications (CI/CD Associate, Implementation Specialist) or experience running self-managed GitLab at scale. 
  • AWS or Azure certs (Solutions Architect, DevOps Engineer, Administrator). 
  • Hybrid-cloud experience bridging Proxmox to AWS/Azure (Site-to-Site VPN, Direct Connect, ExpressRoute). 
  • GitOps with Argo CD, Flux, or the GitLab Agent. 
  • Service mesh (Istio, Linkerd) and ingress controllers. 
  • Observability stack ownership (Prometheus, Grafana, OpenTelemetry, CloudWatch, Azure Monitor). 
  • HashiCorp Vault and OIDC federation. 
  • Supply-chain security: SLSA, Cosign/Sigstore, SBOMs (Syft, Trivy). 
  • Proxmox Backup Server, Ceph, or Proxmox SDN. 
  • Postgres or MySQL admin basics: migrations, backups, replication. 
  • Compliance frameworks: NIST 800-53 / 800-171, CMMC, SOC 2, ISO 27001, FedRAMP, PCI-DSS. 
  • Agile teams and coaching developers on platform usage.

Compensation Range: $110,000–$170,000 per year (California). This range represents the anticipated base pay for this role; the final offer may vary based on qualifications, experience, and location.

Benefits:

  • Medical, Dental, & Vision - 100% covered premiums
  • Equity - Stock Options
  • 401(k) match
  • WFH Hardware


Bolt is committed to building a diverse and inclusive environment in which we recognize and value each other’s differences as well as fostering a culture that promotes its core values: Professionalism, Integrity, and Respect. As an equal opportunity employer, all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, or status as a protected veteran.




Learn more about this Employer on their Career Site

Apply now in a few quick clicks

By applying, a Sonicjobs account will be created for you. Sonicjobs's Privacy Policy and Terms & Conditions will apply.

SonicJobs' Terms & Conditions and Privacy Policy also apply.