DevOps Architect

Actively Reviewing the Applications

NXL Technologies

India, Kerala, Kochi Full-Time On-site INR 18–21 LPA

Posted 15 hours ago • Apply by June 2, 2026

Job Description

Company Description

NXL Technologies is an innovative IT company specializing in website development, service support, and gaming development. Committed to advancing the digital landscape, we prioritize creating groundbreaking solutions that push the boundaries of technology. Our emphasis on revolutionizing the gaming industry underscores our dedication to innovation. At NXL Technologies, we thrive on collaboration and creativity, aiming to deliver exceptional value to our clients and users.

About The Role

We're building an automated trading platform on AWS. We're looking for a hands-on DevOps engineer who can own the entire infrastructure — from network architecture and security to deployment pipelines and monitoring. You won't just maintain what exists; you'll help design and build it. This role is ideal for someone who has worked in a small team before, is comfortable making decisions independently, and understands that in a startup, ownership means everything.

What You'll Own

Cloud Infrastructure

Design, build, and maintain our AWS environment (VPC, subnets, EC2, ECS, RDS, DynamoDB)
Manage all networking — Security Groups, NAT Gateway, route tables, VPN endpoints
Write and maintain infrastructure-as-code using Terraform or AWS CDK
Handle environment separation (dev, staging, production) and ensure they don't bleed into each other

Security

Implement and manage AWS Client VPN with certificate-based authentication and MFA
Configure and enforce least-privilege IAM roles across all services
Manage AWS Secrets Manager — API keys, credentials, rotation schedules
Set up and maintain AWS GuardDuty for threat detection
Enforce Security Group rules so internal services only talk to exactly what they need
Coordinate or conduct basic vulnerability scans (AWS Inspector, Dependabot/Snyk)
Work with an external pen tester before major releases

CI/CD & Deployments

Build and maintain deployment pipelines (GitHub Actions, AWS CodePipeline, or similar)
Containerize services using Docker and manage them via ECS or EKS
Implement blue/green or rolling deployments to minimize downtime
Manage Docker image security scanning as part of the pipeline

Monitoring & Alerting

Set up and maintain CloudWatch dashboards, log groups, and metric alarms
Configure SNS alerts for critical events: failed logins, trade anomalies, API key misuse, infrastructure health
Build runbooks for common incidents so the team can respond without you being on call 24/7
Maintain audit logs in a tamper-evident, compliance-friendly way

Reliability & Performance

Implement auto-scaling for EC2 and ECS services
Monitor and optimize AWS costs — reserved instances, right-sizing, unused resources
Ensure RDS backups, snapshots, and point-in-time recovery are configured and tested
Define and work toward uptime SLAs appropriate for a trading platform

Collaboration

Work closely with the backend developer to make secret injection, IAM permissions, and environment config seamless
Work with the bot/quant developer to ensure the bot engine has the right network access — and only that
Document everything: architecture diagrams, runbooks, deployment procedures, incident post-mortems

What We're Looking For

Must Have

2+ years of hands-on AWS experience (not just familiarity — you've built production systems on it)
Strong networking fundamentals — VPCs, subnets, routing, Security Groups, NACLs
Solid experience with Terraform or AWS CDK — infrastructure-as-code is non-negotiable for us
Docker and container orchestration (ECS at minimum; EKS is a bonus)
Experience with secrets management — AWS Secrets Manager or equivalent
Working knowledge of IAM — you can write a least-privilege policy from scratch, not just copy one
CI/CD pipeline experience — you've built pipelines, not just used them
Linux administration — you're comfortable on the command line under pressure

Strong Plus

Prior experience in fintech, trading platforms, or any regulated industry
Familiarity with Binance or exchange API integrations
Experience with AWS GuardDuty, Inspector, or Security Hub
Knowledge of compliance basics — audit logging, data retention, access controls
Experience with Python or Bash for automation scripting
Exposure to pen testing tools or vulnerability scanning workflows

Mindset (This Matters As Much As The Skills)

You think in threat models — not just "does it work" but "what happens when it breaks or gets attacked"
You're comfortable making judgment calls without a committee
You document as you go, not as an afterthought
You flag risks early and clearly, even when it's inconvenient
You understand that in a small team, a mistake you don't catch becomes everyone's emergency

What You'll Be Working With

AWS (VPC, EC2, ECS, RDS, DynamoDB, Secrets Manager, CloudWatch, GuardDuty, Client VPN)
Terraform or AWS CDK
Docker / ECS
GitHub Actions or AWS CodePipeline
Python/Bash for scripting
Binance.US API (trading platform integration)
PostgreSQL / DynamoDB