Infrastructure Software Engineer, Core Platform
Lumbra, Arlington, TX, United States
About the Role
Lumbra is building Nebula, an agentic harness running as a set of microservices on managed Kubernetes, backed by managed databases, caching, and workflow orchestration, all provisioned with OpenTofu and deployed with Helm via CI/CD. We currently run on GCP but are not wed to any single provider. We're looking for an infrastructure engineer to own the reliability, scalability, and developer experience of the harness across dev, demo, and production environments.
What You'll Own
Author and maintain
Infrastructure as Code
(OpenTofu/Terraform) modules for cloud resources including networking, managed Kubernetes clusters, databases, caching, and container registries. Strong IaC skills and experience with GCP (or equivalent) are essential.
Design and manage
Kubernetes cluster configurations
including node pool autoscaling, workload identity, private connectivity for database access, and network policies. You need deep Kubernetes knowledge, not just manifest authoring.
Build and optimize
Helm charts
for a shared service template consumed by multiple services, managing environment-specific overrides across dev, demo, staging, and production. Experience with Helm inheritance patterns and chart libraries is important.
Own the
CI/CD pipeline architecture : multi-stage builds, conditional triggers based on file-change detection, and deployment orchestration. You should be comfortable authoring and debugging complex pipeline configurations.
Implement and maintain the
observability stack
(metrics, traces, logs) across all services using Grafana, Prometheus, and OpenTelemetry. Experience instrumenting distributed systems and building actionable dashboards is needed.
Manage
secrets lifecycle and credential rotation
with automated syncing to Kubernetes, plus identity provider configuration. Understanding of zero-trust patterns and secrets management at scale is essential.
Configure and maintain
production networking
including load balancing, TLS termination, DNS, and authentication proxies. Solid networking fundamentals are a must.
Optimize the
container build pipeline
for speed and security: multi-stage builds, layer caching, image hardening, and size reduction for faster, safer deployments.
Continuously
profile and optimize platform performance : query latency, pod startup times, resource utilization, and network throughput. You care about measurable improvements and treat sluggish infrastructure as a bug, not a tradeoff.
Maintain
developer experience tooling
including local development environments, task automation, and environment bootstrapping that lets engineers go from clone to running system quickly.
Preferred Qualifications
Experience operating
Temporal
or similar workflow orchestration systems in production
Familiarity with
graph databases
(Neo4j) and
object storage
(MinIO, S3-compatible) on Kubernetes
Experience with
Keycloak
or similar identity providers: administration, realm configuration, and OIDC management
Background in
cloud cost optimization : committed use discounts, node pool right-sizing, spot instances
Familiarity with
GitOps patterns
(ArgoCD, Flux) as an evolution from push-based CI/CD
Understanding of
public key infrastructure : certificate management, mTLS, CA hierarchies, and trust chain validation
Experience with
hybrid networking
between cloud and on-prem environments
Benefits
Comprehensive medical, dental, and vision plans
Premiums 100% covered by Lumbra
for all employees
Exceptionally low premiums for spouses and dependents
Basic life insurance and disability 100% covered for all employees by Lumbra
Option to purchase additional life insurance available
Take the time off that you need, when you need it' paid time off, not accrual based
Generous company holiday calendar including a holiday shutdown in December
Supportive leave of absence program including time off for military service, medical events, and parental leave
Full 401(k) retirement plan
for all full-time eligible employees
Company-funded commuter benefits
Free access to on-site gym at office
#J-18808-Ljbffr
Lumbra is building Nebula, an agentic harness running as a set of microservices on managed Kubernetes, backed by managed databases, caching, and workflow orchestration, all provisioned with OpenTofu and deployed with Helm via CI/CD. We currently run on GCP but are not wed to any single provider. We're looking for an infrastructure engineer to own the reliability, scalability, and developer experience of the harness across dev, demo, and production environments.
What You'll Own
Author and maintain
Infrastructure as Code
(OpenTofu/Terraform) modules for cloud resources including networking, managed Kubernetes clusters, databases, caching, and container registries. Strong IaC skills and experience with GCP (or equivalent) are essential.
Design and manage
Kubernetes cluster configurations
including node pool autoscaling, workload identity, private connectivity for database access, and network policies. You need deep Kubernetes knowledge, not just manifest authoring.
Build and optimize
Helm charts
for a shared service template consumed by multiple services, managing environment-specific overrides across dev, demo, staging, and production. Experience with Helm inheritance patterns and chart libraries is important.
Own the
CI/CD pipeline architecture : multi-stage builds, conditional triggers based on file-change detection, and deployment orchestration. You should be comfortable authoring and debugging complex pipeline configurations.
Implement and maintain the
observability stack
(metrics, traces, logs) across all services using Grafana, Prometheus, and OpenTelemetry. Experience instrumenting distributed systems and building actionable dashboards is needed.
Manage
secrets lifecycle and credential rotation
with automated syncing to Kubernetes, plus identity provider configuration. Understanding of zero-trust patterns and secrets management at scale is essential.
Configure and maintain
production networking
including load balancing, TLS termination, DNS, and authentication proxies. Solid networking fundamentals are a must.
Optimize the
container build pipeline
for speed and security: multi-stage builds, layer caching, image hardening, and size reduction for faster, safer deployments.
Continuously
profile and optimize platform performance : query latency, pod startup times, resource utilization, and network throughput. You care about measurable improvements and treat sluggish infrastructure as a bug, not a tradeoff.
Maintain
developer experience tooling
including local development environments, task automation, and environment bootstrapping that lets engineers go from clone to running system quickly.
Preferred Qualifications
Experience operating
Temporal
or similar workflow orchestration systems in production
Familiarity with
graph databases
(Neo4j) and
object storage
(MinIO, S3-compatible) on Kubernetes
Experience with
Keycloak
or similar identity providers: administration, realm configuration, and OIDC management
Background in
cloud cost optimization : committed use discounts, node pool right-sizing, spot instances
Familiarity with
GitOps patterns
(ArgoCD, Flux) as an evolution from push-based CI/CD
Understanding of
public key infrastructure : certificate management, mTLS, CA hierarchies, and trust chain validation
Experience with
hybrid networking
between cloud and on-prem environments
Benefits
Comprehensive medical, dental, and vision plans
Premiums 100% covered by Lumbra
for all employees
Exceptionally low premiums for spouses and dependents
Basic life insurance and disability 100% covered for all employees by Lumbra
Option to purchase additional life insurance available
Take the time off that you need, when you need it' paid time off, not accrual based
Generous company holiday calendar including a holiday shutdown in December
Supportive leave of absence program including time off for military service, medical events, and parental leave
Full 401(k) retirement plan
for all full-time eligible employees
Company-funded commuter benefits
Free access to on-site gym at office
#J-18808-Ljbffr