DevOps Engineer

Sentryk · Novi Sad, Vojvodina, Serbia
LinkedIn

Posted

Jul 12, 2026 (3d ago)

Seniority

Lead

Work Model

Not Specified

Type

Not Specified

Category

DevOps & SRE

Salary

€36k – €48k ≈ $39,240 – $52,320 USD

Skills

Ansible Azure Bash CI/CD Cloudflare Cybersecurity GitLab GitLab CI Go Helm Kubernetes MySQL PostgreSQL Python RabbitMQ Redis Rust Terraform Vault

Description

About Sentryk Sentryk AI LTD is an Abu Dhabi-based cybersecurity startup building vx0, an AI-native application security platform. vx0 unifies five scanners - SAST, SCA, secret detection, IaC scanning, and DAST - behind a single AI triage layer targeting a 99%+ reduction in false positives. vx0 ships as a managed cloud offering and as a self-hosted Helm/Terraform package for enterprise and air-gapped environments. The company is founder-funded with runway secured, has early commercial conversations underway across the UAE and Europe, and is running SOC 2 (Type I and II) and ISO 27001:2022 certification in parallel with the product build. You would join at the ground floor, working directly with the founders and reporting to the CTO. As a security company, we hold our own infrastructure to the same standard we sell. We run everything ourselves, end to end: private Kubernetes clusters on Azure, a self-hosted GitLab, HashiCorp Vault, and a zero-trust network built on Tailscale and Cloudflare. Everything is code, every decision is written down, and nothing gets deployed by hand. The Role You will be the engineer who owns and evolves that platform, working directly with the founding team. The foundation is already live and well documented (Terraform modules, Ansible roles, ADRs, runbooks). Your job is to take it further: make the developer experience excellent, push our security and compliance automation forward, and bring the remaining environments to production grade. This is a high-ownership role. You will make architecture decisions, write them down, and live with them in production. What You'll Do CI/CD and developer experience Own our self-hosted GitLab: runners, CI images (Go, Rust, Node), pipeline templates, and tag-driven deployments Run the internal supply chain: Harbor container registry with proxy cache and scanning, plus private package registries for Go, npm, Rust, and Python Make builds faster and deploys boring, so the product team ships without thinking about infrastructure Security and compliance Operate HashiCorp Vault: policies, secret rotation, PKI, and break-glass procedures Extend policy-as-code across the stack: Kyverno cluster policies, OPA/Conftest and Checkov gates in CI Drive SOC 2 (Type I and II) and ISO 27001:2022 readiness with Drata: automate evidence collection and device posture via Fleet (osquery) MDM Maintain our zero-trust posture: Tailscale ACLs, Cloudflare Tunnel exposure patterns, private-only API servers Buildout and scaling Stand up our production environment from existing Terraform and take partially wired services live Prove out disaster recovery: Velero backups, restore drills, and runbooks that actually work Help shape the self-hosted and air-gapped distribution of vx0 (Helm and Terraform) as enterprise deployments come online Keep the platform healthy day to day: upgrades, monitoring, and capacity as we grow Our Stack Azure (private AKS, hub-and-spoke VNets, PostgreSQL, MySQL, Redis), Terraform, Ansible, Helm, self-hosted GitLab CI, HashiCorp Vault, Tailscale, Cloudflare (Tunnels, WAF, DNS), cert-manager, Kyverno, External Secrets Operator, Velero, Harbor, SeaweedFS, RabbitMQ, Fleet MDM, Python and Bash tooling. What We're Looking For 5+ years in DevOps, platform, or infrastructure engineering, with real production ownership Strong Kubernetes experience: deploying, upgrading, and debugging clusters, not just using them Solid Terraform (modules, state discipline) and configuration management, ideally Ansible Experience designing CI/CD pipelines, ideally on GitLab Hands-on secrets management, ideally Vault, and working knowledge of TLS/PKI Good networking fundamentals: DNS, cloud networking (VNets, peering, firewalls), VPN/mesh networks Comfortable scripting in Python and Bash A security-first mindset and the discipline to document: runbooks, ADRs, and honest post-mortems Based in Serbia and comfortable working UAE hours Nice To Have Azure specifics: AKS, Entra ID, workload identity Tailscale or other zero-trust/WireGuard-based networking at scale Policy-as-code (Kyverno, OPA/Rego, Checkov) SOC 2 or ISO 27001 experience, especially with Drata or Vanta Experience self-hosting platform services (GitLab, Harbor, package registries) osquery/Fleet or other MDM and device posture tooling How We Work Everything goes through Terraform or Ansible. No console click-ops, no kubectl one-offs Deploys are tag-driven through GitLab CI Decisions become ADRs, operations become runbooks, and hard-won lessons get written down Security defaults are on by default: non-root containers, read-only filesystems, least privilege everywhere Small team, direct access to founders, and the autonomy that comes with real ownership What We Offer EUR 3,000 - 4,000 per month, full-time, with the final offer depending on your seniority and skills Remote work now, with a hybrid option once the Serbia office opens A serious, modern platform to own, without legacy baggage or ticket-queue bureaucracy How To Apply Send your CV or LinkedIn profile to [email protected], ideally with a short note about the most interesting piece of infrastructure you have built or operated. Our process: intro call (30 min), Quick Task (1 day deadline), technical deep-dive on your past work (60-90 min), a short practical discussion around a real scenario from our stack, then offer.