About Us
GL.iNet is a global leader in networking solutions, specializing in OpenWrt-based travel routers, IoT gateways, and secure networking devices. Our products are sold in over 120 countries, with partners including AT&T, Toyota, and ExpressVPN.
We are expanding our U.S. engineering team in Northern Virginia and building the next generation of GoodCloud, our device management platform for tens of millions of routers and IoT devices deployed across the U.S., EU, and other global regions.
Role Overview
We're looking for a DevOps / SRE Engineer to own the reliability, scalability, and operational security of GoodCloud — our multi-region, cell-based cloud platform serving 10M+ devices.
This role sits at the intersection of DevOps, site reliability engineering, and platform security, and is central to:
- Operating and scaling GoodCloud's per-region Kubernetes cells (US, EU, and other jurisdictions), each a self-contained deployment with its own broker, registry, storage, and identity
- Building and hardening GitLab CI/CD pipelines shared across our U.S. and international engineering teams
- Driving operational compliance — SLOs, audit traceability, data-residency controls, and incident reporting
- Supporting the firmware build and release pipeline as it migrates from Jenkins to GitLab CI
You'll be a key contributor to both platform reliability and day-to-day engineering velocity.
What You'll Do:
Platform Reliability & Cloud Security
- Own reliability and security operations across GoodCloud's multi-region cloud deployments (per-cell Kubernetes clusters, deployed via a shared Helm umbrella chart)
- Define and track SLOs/error budgets; build monitoring, alerting, and incident-response systems across cells
- Conduct security assessments and support penetration testing engagements
- Manage IAM, access control, and secrets management across regional cells
- Support data-residency controls and cross-jurisdiction compliance requirements (e.g., keeping device data, telemetry, and encryption keys within their home region)
DevOps & CI/CD
- Design and maintain GitLab CI/CD pipelines across distributed engineering teams (U.S. and international)
- Implement automated security testing (SAST, DAST, dependency and container scanning) in the pipeline
- Manage infrastructure as code (Terraform, Helm) across the cell-based Kubernetes architecture
- Build monitoring, logging, and alerting systems (metrics, traces, structured logs) spanning all regions
- Support firmware build pipelines for embedded systems, including the ongoing Jenkins → GitLab CI migration
Firmware & Release Compliance
- Support firmware security and release-compliance workflows aligned with applicable regulatory requirements
- Manage vulnerability disclosure intake and patch/release management
- Coordinate with global engineering teams on security updates and CVE remediation
- Support documentation for regulatory and equipment-authorization submissions as needed
Compliance & Documentation
- Maintain operational documentation and audit trails to support internal and external compliance reviews
- Track and report reliability and security metrics (SLO attainment, incident logs, risk closure status) via our monthly ops reporting process
- Support cross-team audit and traceability requirements for our U.S. and international offices
What We're Looking ForExperience
- 5+ years of combined experience in DevOps, SRE, or Platform Engineering, with meaningful hands-on ownership of production cloud infrastructure
- Direct experience with cloud security, DevSecOps, or compliance-adjacent operational work is a strong plus — not required as a separate track
- Experience with IoT platforms, device management systems, or other high-device-count fleets is a strong plus
- Exposure to regulatory or audit-driven environments (any industry) is helpful but not required
Technical Skills
- Strong experience with AWS, GCP, or Azure
- CI/CD tools: GitLab CI (primary), GitHub Actions, or Jenkins
- Infrastructure as Code and containers: Terraform, Docker, Kubernetes, Helm
- Solid understanding of network security, VPN technologies, and secure communication protocols
- Linux system administration and security hardening
- Familiarity with messaging/streaming systems (MQTT/EMQX, Kafka) is a plus
Benefits
- 401(k)
- Dental insurance
- Health insurance
- Paid time off
- Parental leave
- Vision insurance
Work Location: Chantilly, VA 20151
Pay: $120,000.00 - $170,000.00 per year
Benefits:
- 401(k)
- Dental insurance
- Health insurance
- Paid time off
- Parental leave
- Vision insurance
Application Question(s):
- This is an onsite job. Are you able to work on-site Monday through Friday?
Work Location: Hybrid remote in Chantilly, VA 20151