Let’s Tango! Where Innovation Meets Impact.

At Tango Analytics, we’re all about helping businesses make smarter decisions through powerful technology, insightful data, and a whole lot of collaboration. Whether you are a creative thinker, a strategic planner, a tech wizard, or a customer champion, there's a place for you on our team. We believe work should be meaningful and fun — so if you're ready to make a difference while enjoying the journey, come join us and let's Tango! 

We are looking for an Senior Platform Engineer to join our dynamic and growing Platform Engineering team.

Role Summary:

We are building a platform engineering function from the ground up and this role is at the center of it. As a Senior Platform Engineer you will be a founding team member with a clear, three-part mission: fully rearchitect and codify our cloud estate on AWS and Azure, stand up a world-class SRE and observability practice, and build an Internal Developer Platform with golden paths that make shipping software fast, safe, and self-service. This is a high-ownership individual contributor role. You will work directly with the Platform Engineering Manager to translate strategy into production infrastructure, drive adoption across engineering teams, and set the technical bar for how the platform is built and operated.

If you have strong opinions about infrastructure-as-code, love building things other engineers depend on every day, and want genuine end-to-end ownership — this role is for you.

Key Responsibilities:

Cloud Modernization — Rearchitect & Codify

• Migrate all existing AWS and Azure infrastructure to OpenTofu/Terraform and Ansible; establish module standards, remote state, and GitOps-based plan/apply pipelines — no unmanaged resources
• Audit the cloud estate against the AWS and Azure Well-Architected Frameworks; produce a remediation backlog and drive it to completion across networking, IAM, landing zones, account structure, and cost governance
• Implement policy-as-code (OPA/Conftest, AWS SCPs, Azure Policy) to enforce security, tagging, and compliance guardrails at the platform layer — governance embedded, not bolted on
• Build and maintain reusable Terraform modules for compute (EKS, AKS, EC2), networking, storage, databases, and identity as shared building blocks for all engineering teams
• Define FinOps standards: tagging taxonomy, cost allocation dashboards, rightsizing recommendations, and reserved capacity planning across both clouds

SRE & Observability

• Design and implement the full observability stack: metrics (Prometheus/Datadog), logs (Loki/OpenSearch), traces (Tempo/Datadog APM), and dashboards (Grafana) — instrumented end-to-end via OpenTelemetry
• Define SLIs and SLOs for all platform shared services and critical applications; build error budget dashboards and burn-rate alerting — alert on symptoms, not raw metrics
• Establish the SRE practice from scratch: incident runbooks, post-incident review templates, and at least one chaos engineering exercise (AWS FIS or equivalent)
• Partner with engineering teams to instrument their services, define meaningful alerts, and build operational dashboards — reliability is a shared responsibility, not a platform team tax
• Build capacity planning models for compute and storage so engineering leadership can make data-driven scaling decisions

Internal Developer Platform & Golden Paths

• Deploy and operate a developer portal (Backstage, GitHub or equivalent) as the single front door: service catalog, scaffolding templates, runbooks, API docs, and on-call ownership all in one place
• Build and maintain golden paths for the highest-frequency developer workflows: new service creation, Kubernetes deployment, database provisioning, secrets management, and CI/CD pipeline setup - opinionated defaults with escape hatches for legitimate edge cases
• Own the CI/CD platform layer: standardized pipeline templates (GitHub Actions, GitLab CI), reusable workflow libraries, container image build and scan pipelines, and environment promotion workflows with security scanning (SAST, Snyk) built in by default
• Own Kubernetes platform operations: EKS and/or AKS cluster lifecycle, Helm chart standards, admission controllers, RBAC, network policies, and service mesh (Istio or Linkerd)
• Build the self-service provisioning layer — Backstage scaffolder actions and Terraform automation so developers can provision approved resources without raising a ticket
• Measure adoption and run regular feedback sessions with engineering teams; iterate on golden paths based on real friction, not assumptions

Cross-Cutting Responsibilities

• Partner with peer managers and teams to plan and support migration of existing workloads onto the platform; provide hands-on migration support, not just documentation
• Embed security by default across all platform work: IaC scanning (Checkov, tfsec), secrets management (Vault, AWS Secrets Manager, Azure Key Vault), RBAC, and container image hardening
• Write clear technical documentation, architecture decision records (ADRs), and runbooks; raise the documentation bar for the whole team
• Mentor and support more junior platform engineers; contribute to architecture reviews and build-vs-buy decisions alongside the Platform Engineering Manager

Required Skills:

• 5+ years in platform, infrastructure, or DevOps engineering with direct production ownership on AWS and/or Azure
• IaC: Deep OpenTofu/Terraform proficiency: module authoring, state management, workspace strategy, remote backends, and CI/CD integration; Terramate a plus
• Kubernetes: Strong Kubernetes operations: EKS and/or AKS cluster lifecycle, Helm, admission controllers, RBAC, network policies, and autoscaling
• Observability & SRE: Hands-on observability experience with two or more of: Prometheus, Grafana, Loki, Tempo, Datadog, or OpenTelemetry — including SLI/SLO definition and alert engineering
• CI/CD: CI/CD platform experience: GitHub Actions pipeline authoring, reusable workflow design, and container build/scan pipeline ownership
• GitOps: GitOps: ArgoCD or Flux for Kubernetes continuous delivery; progressive delivery patterns (canary, blue-green) a strong plus
• IDP: IDP experience: Backstage or equivalent developer portal, GitHub, scaffolding templates, service catalog design, or self-service provisioning tooling
• Security: Security-first mindset: policy-as-code, IaC scanning, secrets management, container hardening, and shift- left security practices
• Strong communication and documentation skills; comfortable presenting architecture decisions to engineering peers and leadership

Nice to Have

• SRE background: chaos engineering (AWS FIS, Chaos Monkey), error budget management, incident command, and capacity planning
• Service mesh depth: Istio or Linkerd — mTLS, traffic management, and observability integration
• FinOps tooling (Kubecost, CloudHealth) and reserved capacity planning experience
• Familiarity with AI/ML infrastructure basics: LLM API integration or model serving, as the platform will need to support these workloads
• Certifications: AWS Solutions Architect Associate/Professional, CKA/CKAD, Azure Administrator/Solutions Architect, HashiCorp Terraform Associate
• Python or Go for platform tooling and CLI development

What We Offer

We’re committed to creating an environment where you can thrive—professionally and personally. Our offerings include:

• Competitive Compensation We recognize and reward your contributions with a salary package that reflects your value.
• Comprehensive Benefits Including health, dental, and vision insurance, a 401(k) plan with company match, and generous paid time off to support your well-being.
• Flexible Work Environment Whether remote, hybrid, or in-office, we support work arrangements that promote productivity and balance.
• Inclusive & Collaborative Culture We foster a workplace where diverse perspectives are valued, teamwork is encouraged, and everyone has a voice.

Tango is proud to be an equal opportunity employer. We are committed to equal opportunity regardless of race, ethnicity, religion, parental status, sexual orientation, age, citizenship, disability, or veteran status.

Base pay offered is contingent on qualifications and other operational considerations. Base pay is just one piece of the full compensation structure offered at Tango. If this pay range is outside of your expectations, we still encourage you to apply and have a conversation with us.

Base pay offered for this position is: $140,000 - $175,000

*Applicants must be authorized to work in the U.S. for any employer.

*We cannot sponsor employment-based visas at this time.