Division: Group Technology Services (GTS)
Role Summary
We are looking for a Senior Platform Engineer to lead the design, implementation, and evolution of our Kubernetes platform on Azure (AKS), with a strong focus on service mesh (Istio), platform engineering, and enterprise-scale standards.
You will work in a highly regulated financial environment, supporting critical business activities where security, stability, and compliance are paramount.
As we are not a pure IT product company, our environment includes legacy systems, complex processes, and cross-team dependencies. This requires an engineer who is pragmatic, patient, and capable of driving change iteratively, while maintaining strong engineering standards.
Key Responsibilities
1. Design and implement AKS landing zones, including network isolation, ingress/egress, and security
2. Lead the Istio service mesh architecture and implementation
3. Define and maintain platform standards (network policies, gateway patterns, security models)
4. Contribute to platform automation (Terraform, GitOps, ArgoCD)
5. Collaborate with architecture boards and stakeholders to drive technology adoption and alignment
6. Provide technical leadership and guidance to application teams
7. Deliver documentation, knowledge transfer sessions, and contribute to reusable implementation patterns
8. Continuously improve platform capabilities while balancing innovation with operational stability
About the Squad
Join the “.Net Application Integration Services” squad, composed of a Product Owner, a Scrum Master, and a team of experienced developers.
The squad manages a diverse portfolio across on-premises and cloud environments, structured around three main areas:
9. Euroclear Identity Propagation: Security Token Services for Web, API and Message based Applications
10. Middleware & Technical Frameworks: .NET frameworks, IIS, Service Fabric, corporate NuGet-based bespoke frameworks (in C#), and messaging solutions (WebSphere MQ, Kafka), as well as specialized products
11. Cloud & Container Platforms: Azure and OpenShift technologies including App Services, Function App, Event Grid, Logic Apps, Istio, Dapr, and Calico
The team also delivers Reference Applications to promote best practices and design patterns across the organization.
Working closely with developers, system administrators, and solution architects, the squad focuses on integration, troubleshooting, and optimization, ensuring high levels of availability, scalability, reliability, and security.
As part of our operational model, all team members participate in a structured on-call rotation (watch duty) to ensure continuous support.
Working Environment & Mindset
12. Operate in a regulated environment where: Changes must be controlled, auditable, and secure Reliability and resilience are critical
13. Navigate a heterogeneous and evolving ecosystem: Mix of modern cloud-native and legacy systems Multiple stakeholders with different maturity levels
14. Adopt an iterative and pragmatic approach: Progressively improve the platform rather than aiming for perfection upfront Balance best practices with real-world constraints
15. Demonstrate: Creativity and problem-solving Patience and persistence Ability to influence without authority
Required Skills
16. Strong hands-on experience with AKS and Azure networking
17. Proven expertise in Istio (or similar service mesh)
18. Experience working in Agile/Scrum environments
19. Advanced experience with: Kubernetes Helm Network policies Security (TLS, certificates, identity) Multi-tenant and secure platform design
20. Strong understanding of: GitOps (ArgoCD) Infrastructure as Code (Terraform)
Nice to Have
21. Experience with: OpenShift Certificate / Trust Manager solutions Azure App Service Reference implementations / Design Patterns
22. Understanding of: .NET application architecture and design patterns Enterprise architecture governance
The position might require an On-call/ Watch duty role.
It means that when you are planned to be On-call/Watch Duty, you are available and reachable to work outside standard working hours to perform interventions when needed.
These can be performed on site or remotely from home. All the required equipment will be provided.
Please note that this is a permanent position, and we do not offer freelance/contract arrangement for the role.
#LI-AK1