Senior Devops Engineer

The Senior DevOps Engineer serves as a critical execution layer for Mercans’ AI-native infrastructure strategy and broader product/engineering delivery and automation. Either based in Tartu, Estonia or Remote, reporting directly to the CTO, and collaborating with Product Managers, Engineering Managers, software engineers, data scientists, and SRE teams, this role operationalizes the technical vision through hands-on automation, GitLab DevSecOps pipelines, and resilient platform operations.

The position focuses on building and maintaining a secure, cost-efficient private cloud environment capable of hyperscale payroll processing and proprietary AI model training/inference, while providing deployment automation, feature flagging, and release orchestration to accelerate Product and Engineering team velocity.

Duties and Responsibilities:

Platform Automation & CI/CD

Support Product and Engineering Teams by implementing and maintaining GitLab CI/CD pipelines that enable rapid feature delivery, A/B testing, feature flagging, and blue-green deployments across all product lines, enforcing architectural standards, security controls, and AI-first engineering patterns defined by the Enterprise Architecture Board.

Provide deployment automation for Product releases with GitLab CI/CD pipelines including shift-left security (SAST, DAST, dependency scanning, container scanning, IaC scanning, secret detection) integrated into merge requests, environment promotion gates, and production deployment approvals.

Enable Engineering velocity through self-service deployment templates, environment provisioning APIs, and GitLab pipeline libraries that reduce cognitive load for application teams building payroll/HR features.

Automate Product experimentation with GitLab Feature Flags, progressive delivery patterns, and canary releases to enable Product Teams to test hypotheses with minimal deployment risk.

Private Cloud Operations

Automate infrastructure provisioning for the private cloud (Kubernetes, HCI, GPU nodes, storage) using Infrastructure as Code in line with the AI Cloud reference architecture, scanning Terraform/Kubernetes manifests for misconfigurations via GitLab.

Operate and optimize GPU-enabled Kubernetes clusters, including bin-packing, autoscaling, and fractional GPU scheduling to support AI training and inference workloads efficiently, with GitLab runtime security policies and container image scanning for CVEs.

Observability & Resilience

Implement observability (logging, metrics, tracing) and SRE practices to contribute toward the 99.999% availability target and active-active multi-datacenter strategy for core payroll and AI services, leveraging GitLab security dashboards for vulnerability tracking and remediation.

Identify operational issues, implement fixes and performance improvements, and contribute to chaos engineering and resilience drills to build an anti-fragile engineering culture, with GitLab conditional pipelines for secure testing and deployment.

Security & Compliance

Ensure systems are safe and secure against cybersecurity threats by embedding GitLab security policies into pipelines, managing secrets with detection scans, enforcing role-based access control (RBAC), and achieving policy compliance through MR approvals and dashboards.

Work closely with Product Managers, software engineers, data scientists, and MLOps teams to standardize release processes for AI models and product features, reduce lead time to production, and integrate with model registries, compliance checks, and feature management platforms using GitLab’s end-to-end DevSecOps workflows.

Documentation & Knowledge Transfer

Produce high-quality documentation for runbooks, deployment procedures, GitLab pipeline templates, and platform standards, and contribute to internal Centers of Excellence for SRE and AI Engineering, including GitLab security best practices training.

Skills and experience

4–6+ years of experience as a DevOps / SRE / Platform Engineer operating production grade Kubernetes based systems and CI/CD pipelines.

Hands on experience with private cloud or on prem Kubernetes (e.g., CAPI based clusters, HCI) and automation tools (Terraform/Ansible or equivalents).

Experience running containerized workloads with GPUs, including familiarity with scheduling, resource quotas, and performance tuning for AI/ML workloads.

Strong automation skills and programming ability in at least one language (e.g., Python, Go, or similar) for scripting, integrations, and tooling.

Good understanding of observability stacks, incident management, and SRE practices (SLIs/SLOs, error budgets, postmortems).

Knowledge of secure software delivery practices, secrets management, and compliance aware deployment in regulated or data sensitive environments.

Proficiency with GitLab DevSecOps: Configuring .gitlab-ci.yml templates for SAST/DAST/dependency/container/IaC scanning, security dashboards, RBAC, policy enforcement, feature flags, and progressive delivery in CI/CD pipelines.

Experience enabling Product/Engineering teams with self-service deployment platforms, GitOps workflows, and golden deployment paths that balance velocity and safety.

Experience with Agile teams and collaborative ways of working across Product, development, architecture, and data/AI functions.

Strong documentation, time management, and communication skills in English, with readiness to take initiative and shape DevOps practices from the ground up in alignment with architectural guidelines.