RESETDATA

Systems Engineer

Apply for this role

Role Summary

ResetData is hiring a Systems Engineer to design, build, and operate the foundational infrastructure powering our platform — spanning bare metal, virtualisation, Kubernetes, storage, and security.

This is a hybrid infra + platform engineering role. You will work across the full stack, from physical hardware and Linux systems through to multi-cluster Kubernetes and GPU workloads.

We are looking for engineers who are comfortable operating across boundaries, taking ownership of complex systems, and working hands-on in both data centre and cloud-native environments.

Day-to-day looks like

  • Bringing up and hardening physical and virtualised infrastructure across multiple sites.
  • Data centre hands-on work — racking, cabling, commissioning, and decommissioning hardware; working alongside DC techs and remote-hands; comfortable with the physical side, not just the logical.
  • Running and extending our multi-cluster Kubernetes estate — GitOps-driven, including GPU workloads.
  • Running the security-scanning and CVE-mitigation programme across hosts, hypervisors, and K8s nodes.
  • Debugging across the stack when the failure crosses layers.
  • Writing the automation that makes all of the above reproducible.
  • You should be comfortable owning a problem end-to-end across the layer boundary: spot a kernel CVE on a Friday, ship a mitigation across the hypervisor fleet and every K8s node the same day. Confident enough to push back on architecture you disagree with.

Linux fluency (baseline, required)

You should be at home in Linux as an operating system. Specifically:

  • Comfortable across multiple distributions and their package/init/security quirks.
  • Understands the difference between distro spins/variants (server, cloud, minimal, immutable) and when each is the right choice.
  • Knows your way around systemd, journald, the common networking stacks, AppArmor and SELinux, cgroups, kernel modules and sysctl tuning.
  • Can read a kernel CVE advisory and decide whether a given host is actually exposed, and what the mitigation is.
  • Comfortable building/customising images (cloud-init, kickstart/preseed, Packer, or equivalent).

Bonus: real experience with immutable / image-based Linux, since that's where the K8s node side is heading.

Tech stack (broad strokes)

  • Kubernetes: multi-cluster, GitOps-driven, Helm-based packaging, plus the usual ingress / cert / secrets ecosystem.
  • Hypervisors & virtualisation: KVM-based stacks (Proxmox, CloudStack, OpenStack).
  • Storage: enterprise SAN/SDS plus local NVMe; CSI integration into K8s.
  • Config mgmt / automation: Ansible (deep), with a run-orchestration layer on top.
  • Security & compliance: vulnerability scanning, host hardening (CIS-style baselines), policy-as-code.
  • Networking exposure: overlay networks, load balancing, firewalls — you don't own this but you'll touch it.
  • Languages: Bash (fluent), Python (read/write), YAML at scale; some Go reading ability for upstream patches.

Nice to have

  • MSP / managed-services background — comfortable in a multi-tenant world where customers expect SLAs, change windows, and clean blast-radius boundaries.
  • Knows the difference between "it works on my cluster" and "it works for someone who's paying us".
  • Willing to get NV1 clearance.

← Back to all jobs