Principal DevOps Engineer

We are looking for a Principal DevOps Engineer to architect and evolve the platform that powers NBC’s broadcast production environments. As a senior technical leader on the NBC Production Infrastructure team, you will design a Kubernetes-native platform that automates the provisioning, lifecycle management, and delivery of cloud infrastructure at enterprise scale. Our team leverages infrastructure-as-code, custom Kubernetes controllers, and GitOps workflows to orchestrate resources across complex multi-account and hybrid cloud environments. Built to support the complex demands of live broadcast production, this platform spans compute provisioning, dynamic software defined networking, hybrid DNS models, remote Virtual Desktop Infrastructure (VDI), and robust configuration management via Puppet. Because we operate at the cutting edge of the cloud-native ecosystem, we are never shy about contributing upstream to the open-source projects we rely on to improve our solutions and push the industry forward. In this role, you will drive the technical vision of the platform. You will write production Go services, architect cloud-native solutions, and establish the engineering standards our teams rely on. This role requires deep fluency across Kubernetes internals, cloud infrastructure, Go systems programming, and a passion for mentoring engineers. PRIMARY RESPONSIBILITIES: Platform Architecture & Vision: Architect a Kubernetes-native platform that models broadcast infrastructure as custom resources. Lead the technical strategy leveraging Crossplane compositions and custom Go functions to automate provisioning across multi-account AWS environments and on-prem control rooms. Systems Engineering & Integrations: Design, build, and maintain production-grade Kubernetes operators, controllers, and internal platform APIs in Go. You will actively develop custom Crossplane providers to deeply integrate external enterprise platforms (such as NRCS, Venafi, and Infoblox) into our control plane, managing resource lifecycles and approval workflows. Infrastructure & Networking Delivery: Lead the design of cloud networking, DNS strategies, and cross-account connectivity across hybrid environments, automating VPC topology and dynamic network routing. Cross-Discipline Collaboration: Partner closely with broadcast systems engineers, system integrators, and external vendors to bridge the gap between broadcast hardware and automated infrastructure. You will lead efforts to "Puppet-ize" bare-metal compute configurations and integrate proprietary vendor solutions into our configuration-as-code ecosystem. Technical Leadership: Serve as a technical authority for the team. Write RFCs, drive architectural decisions, mentor engineers, and establish high-confidence CI/CD pipelines, testing strategies, and GitHub Actions automation. Access & Security Strategy: Own the platform's authorization model, designing hierarchical RBAC systems, resource identifier schemes, and identity integrations that enforce fine-grained access control. Operational Excellence: Drive GitOps-based continuous delivery (Flux, Kustomize, Helm) and manage configuration-as-code for compute fleets using Puppet. Ensure deep operational visibility by designing comprehensive observability and alerting stacks. VDI Integration: Oversee the integration of remote desktop/VDI connectivity solutions, focusing on session authentication, credential management, and gateway routing.