Lead - Unix Engineering

Role Summary

We're looking for a Lead UNIX Engineer who brings traditional platform depth along with modern engineering practices. You'll help lead the design, deployment, and lifecycle of mission-critical UNIX platforms (Solaris, AIX, RHEL, Ubuntu) and services, while contributing to DevOps tooling, Git-driven workflows, hybrid cloud strategies with an automation mindset. This is a key role in a high-trust team that powers secure, compliant infrastructure for a global financial institution. Expect deep technical challenges, high visibility, and opportunities to influence platform direction.

Key Responsibilities

Core UNIX Engineering & Support

Design, secure, build, and maintain resilient UNIX environments across Solaris (10/11 with Zones, LDOMs), AIX 7.x (VIOS, NPIV), Ubuntu, and RHEL 510 (on physical, virtual, and hybrid platforms).

Own OS lifecycle strategy: patching, upgrades, security baselines, and hardware refresh planning.

Maintain HA solutions (Pacemaker, VCS, HACMP, RH Cluster Suite) and performance-tuned enterprise systems.

DevOps, SRE & Automation

Embrace an SRE mindset: treat infrastructure as code, prioritize availability and observability, and automate toil.

Automate provisioning, compliance checks, and config enforcement using Ansible, AAP, AWX, CFEngine, and scripting (bash/ksh/Python).

Use GitHub for source control, peer-reviewed automation pipelines, change tracking, and documentation versioning.

Contribute to CI/CD workflows for infrastructure as code deployments, and integrate with enterprise tools like ServiceNow, Jenkins, or GitHub Actions.

Security

Ensure UNIX systems are hardened and compliant with security frameworks (e.g., CIS Benchmarks, NIST, FFIEC, ISO 27001).

Manage OS-level security policies including firewall rules, kernel parameters, selinux policies and secure configurations.

Integrate host systems with PAM, LDAP, and CyberArk, Conjur for identity and privileged access management.

Support audit, forensic, and security event investigations in coordination with InfoSec teams.

Regularly review and remediate security vulnerabilities identified by Qualys, Nessus, or other scanning tools.

Contribute to incident response planning, patching SLAs, and compliance reporting.

Design and maintain logging, audit trails, and syslog/SIEM integrations (Splunk, QRadar, etc.).

Authentication, Authorization, and Directory Services

Integrate UNIX systems with enterprise identity management platforms using LDAP, RHDS, Kerberos, PAM, and SSSD.

Implement and enforce secure access controls, sudo policies, and RBAC schemes.

Collaborate with IAM and InfoSec teams on audit readiness, access provisioning, and PAM integrations.

Monitoring, Reliability & Incident Response

Integrate systems with monitoring tools like Dynatrace, vROps, and custom health scripts.

Support alerting, auto-remediation, and telemetry for performance and availability.

Participate in on-call rotations, DR testing, and RCA for high-impact incidents.

Hybrid Cloud & Platform Modernization

Support UNIX workloads running on VMware (vSphere/vSAN/vXrail) and prepare platforms for future cloud integration.

Assist with cloud-readiness assessments, infrastructure modernization efforts, and immutable infrastructure adoption.

Collaborate with Cloud, DevOps, and Cybersecurity teams on secure hybrid operating models.

Documentation & Governance

Maintain robust documentation in Confluence: HLD, LLD, SOPs, DR plans, build guides, access policies, GitHub repositories, and architectural decisions.

Ensure all platforms and automation meet compliance standards (CIS, FFIEC, SOX, ISO 27001).

Lead or contribute to engineering design reviews, change boards, and audit remediation efforts.

Required Skills and Experience

Technical Requirements

10+ years in UNIX engineering across Solaris, AIX, RHEL and Ubuntu, with deep expertise in large enterprise environments.

Strong understanding of centralized authentication/authorization using LDAP, Kerberos, PAM, SSSD, RHDS, and Active Directory integration.

Proficiency in shell scripting (bash, ksh, sh); strong familiarity with Python, and Ansible.

Hands-on experience with tools like:

o Red Hat Satellite, CFEngine, PowerVC, LVM/VxVM

o Pacemaker, Veritas Cluster, HACMP, or equivalent HA stacks

o GitHub for version control and collaboration

o Cohesity, NetBackup, CyberArk

o VMware vSphere ecosystem (vCenter, ESXi, vSAN, vXrail)

Skills in config management and config drift

Perl experience beneficial

Experience with Dynatrace

DevOps/SRE Practices

Experience with infrastructure-as-code principles, Git-driven config management, and CI/CD pipelines leveraging GitHub Actions and Ansible / AWX

Familiarity with automated validation, monitoring, logging, and alerting frameworks.

Passion for automating operations tasks, reducing technical debt, and building sustainable systems.

Soft Skills

Proactive, detail-oriented, and comfortable in fast-moving, audit-heavy environments

Diligent with ability to cross check / robust validation of outcomes and results

Excellent communication, documentation, and cross-team collaboration and contribution skills

Ability to mentor junior engineers and lead by example in engineering practices and professionalism.

Preferred Qualifications

Experience in financial services or other highly regulated sectors

Exposure to hybrid cloud operations, containerization (e.g., Podman, Docker, Tanzu), or cloud-native UNIX alternatives.

Familiarity with enterprise CI/CD tooling (Jenkins, GitHub Actions, ServiceNow integration).

Certifications (preferred but not required):

RHCE, IBM AIX Advanced, Solaris Certified, Ansible Automation

ITIL Foundation, Security+, or relevant cloud certifications (e.g., AWS SysOps)

Work Conditions & Availability

Business-hours role with rotating on-call and scheduled change windows (nights/weekends).

Participation in BCP/DR exercises, audit cycles, and cross-region platform support is expected.