O pozici
CloudLinux and TuxCare build Linux, security, and enterprise infrastructure products used by hosting providers, software vendors, and engineering teams around the world. The Infrastructure team runs the platforms behind that work: data centers, public cloud providers, OpenNebula, Kubernetes/Talos, Ceph, CI/CD, observability, identity and access systems, and internal services.
Co budeš dělat
- Design and operate reliable cross-DC and hybrid connectivity across IPsec, BGP, routing policy, firewalling, DNS, Cloudflare, provider networking, and cloud connectivity.
- Build highly available network paths across data centers, public cloud providers, OpenNebula, Kubernetes/Talos, and bare-metal infrastructure.
- Own network changes end to end: design, risk assessment, peer review, rollout, monitoring, validation, rollback, and post-change notes.
- Replace fragile manual patterns with documented, observable, repeatable services using Git review, automation, scripts, source-of-truth data, and monitoring.
- Debug and resolve production incidents involving Linux networking, BIRD/FRR, strongSwan, Juniper, Cloudflare, DNS, or provider networking.
- Write and maintain runbooks, network diagrams, change records, and post-incident documentation.
- Contribute to capacity planning, failure mode analysis, and architecture decisions for the network layer.
- Participate in on-call rotation for infrastructure-level incidents.
Koho hledáme
- 5+ years of hands-on production network engineering experience in environments spanning data centers, cloud providers, and Linux-based infrastructure.
- Strong BGP knowledge: eBGP/iBGP, route policy, communities, prefix filtering, BIRD or FRR configuration and troubleshooting.
- IPsec/site-to-site VPN experience: strongSwan or equivalent in production multi-site environments.
- Linux networking depth: routing tables, namespaces, iptables/nftables, VLAN, bonding, bridges, tc, packet capture and analysis.
- Experience with at least one public cloud provider’s networking (AWS, GCP, or Azure): VPC, transit gateway or equivalent, security groups, routing.
- Familiarity with Kubernetes/container networking: CNI concepts, overlay networks, ingress, DNS behavior inside clusters.
- Practical DNS operations: authoritative and recursive DNS, zone management, split-horizon, debugging resolution failures.
- Experience with network monitoring and observability: flow data, SNMP, ping/probe monitoring, alerting, and using metrics to identify issues before they escalate.
- Infrastructure-as-code mindset: you version, review, and automate changes rather than making undocumented manual edits.
- Strong incident troubleshooting: you can work calmly under pressure, isolate root causes, and communicate status clearly.
- English written communication sufficient for async technical collaboration, documentation, and incident handling.
Benefity
- A fully remote role with no location restrictions.
- Real technical ownership — not a ticket queue, not a support role.
- A small, senior, low-bureaucracy team.
- Competitive compensation.
- Home-office budget, professional development allowance, medical insurance, company retreats, coworking budget, wellbeing allowance, and flexible schedule.
