Platform Engineering Lead

International Committee of the Red Cross

Location:
Geneva, Switzerland
Category:
Professional Staff
Posted Jun 22, 2026Apply by Jul 13, 2026 (11d left)
See your match score & apply

The Platform Engineering Lead will own the engineering practices, toolchain, and delivery pipelines that power the software development lifecycle at ICRC. This role involves leading a cross-functional team, setting standards for CI/CD, code quality, API management, secrets management, and container platform delivery to support global digital services and humanitarian applications.

Responsibilities

  • Own and evolve the end-to-end CI/CD strategy on Azure DevOps, covering pipelines as code, multi-stage deployments, environment promotion gates, and self-service pipeline templates for development squads.
  • Architect and maintain Azure DevOps organizations, projects, agent pools (Microsoft-hosted and self-hosted), service connections, and pipeline security controls.
  • Administer SonarQube, including quality gate design, custom rule sets, branch analysis, PR decoration, and integration with Azure DevOps pipelines, ensuring consistent code quality and security standards across all repositories.
  • Own the Gravitee API Gateway platform: design and enforce API management policies, plans, subscriptions, rate limiting, and authentication flows (OAuth 2.0, API keys, JWT), and govern the developer portal.
  • Operate and evolve OpenBao for secrets management, covering auth methods, secret engines, dynamic credentials, lease management, and PKI/certificate issuance.
  • Establish and enforce DevSecOps practices, embedding shift-left security scanning (SAST, DAST, SCA, container image scanning) natively into CI/CD pipelines.
  • Define branching strategies, release management processes, and versioning standards, including semantic versioning and changelog automation.
  • Collaborate with security and compliance teams to ensure all toolchain configurations meet ICRC data-protection policies, audit requirements, and relevant regulatory frameworks.
  • Mentor DevOps engineers and embed DevOps culture within product teams through coaching, enablement sessions, and architectural guidance.
  • Strengthen open-source capabilities across the DevOps toolchain (OpenBao, Gravitee, SonarQube, Kubernetes) by enforcing SBOM, license compliance, and CVE triage in CI/CD pipelines, in alignment with ICRC OSPO governance and contribution policy.

Requirements

  • Bachelor's or Master's degree in Computer Science or a related field.
  • 7+ years in DevOps, platform, or infrastructure engineering roles, with at least 3 years in a lead or senior individual-contributor capacity.
  • Agile delivery certification; SAFe certification preferred.
  • Experience in complex, international, or multicultural environments is an advantage.
  • Strong English (written and spoken) is required; French is a plus.
  • Deep hands-on experience with Azure DevOps: pipeline authoring, agent management, environment governance, and organisation-level administration.
  • Practical experience operating an API gateway platform (Gravitee, Apigee, or equivalent) in production, including policy design, authentication flows, and developer portal management.
  • Solid understanding of secrets management principles, with hands-on experience using HashiCorp Vault or OpenBao, covering auth methods, dynamic secrets, PKI, and least-privilege policy design.
  • Experience with security tooling across SAST (e.g. SonarQube), DAST (e.g. Checkmarx), and infrastructure security (e.g. Aqua).
  • Strong understanding of open-source security risks and experience applying relevant best practices.
  • Knowledge of containerisation technologies (Docker, Kubernetes) and securing containerised workloads.
  • Knowledge of data privacy regulations.
  • Strong analytical, problem-solving, and communication skills.

Skills

  • DevOps Engineering
  • Platform Engineering
  • Infrastructure Engineering
  • Agile Development
  • SAFe certification
  • Azure DevOps
  • Pipeline Authoring
  • Agent Management
  • Environment Governance
  • Organisation-level Administration
  • API Gateway Management
  • Policy Design
  • Authentication Flows
  • Developer Portal Management
  • Secrets Management
  • HashiCorp Vault
  • OpenBao
  • Auth Methods
  • Dynamic Secrets
  • PKI Implementation
  • Least-privilege Policy Design
  • SAST Security Tooling
  • SonarQube
  • DAST Security Tooling
  • Checkmarx
  • Infrastructure Security
  • Aqua
  • Open-source Security
  • Containerisation Technologies
  • Docker Containers
  • Kubernetes
  • Securing Containerised Workloads
  • Data Privacy Regulations

Languages

English, French