Boku Inc. (BOKU.L) is the leading global provider of local mobile-first payments solutions. Global brands including Amazon, DAZN, Meta, Google, Microsoft, Netflix, Sony, Spotify, and Tencent rely on Boku to reach millions of new paying consumers who do not use credit cards with our purpose-built payment network of more than 300 local payment methods across 70+ countries. Every year, Boku processes over $10 billion in value for our customers. Incorporated in 2008, Boku is headquartered in London and San Francisco and has employees in over 39 countries around the world, including Brazil, China, Estonia, Germany, Ireland, Japan, Singapore, and the UAE. Boku is a truly global company that takes pride in its diversity and thriving equal opportunity workplace.
Role Purpose
We are seeking an experienced Platform Engineer to join our Platform team. The ideal candidate will have a strong background in cloud infrastructure platforms such as AWS, with hands-on experience in designing, implementing, and maintaining scalable, reliable, and secure cloud-native systems. In this role, you will collaborate closely with our engineering and operations teams to manage, optimize, and evolve our infrastructure, ensuring it remains robust, efficient, and aligned with business needs.
We are building and maintaining a robust, highly available platform that empowers engineering teams to deliver features efficiently, reliably, and securely. Our infrastructure is fully hosted on AWS and leverages a range of managed cloud services, including Amazon EKS and MSK. As a Platform Engineer, you will be responsible for provisioning and optimizing infrastructure, supporting application deployments, improving observability and system reliability, automating operational tasks, and guiding teams in adopting modern cloud-native practices.
Key Responsibilities
Network Troubleshooting: Diagnose and resolve complex network communication issues, including those related to TCP/IP, DNS, and HTTP/HTTPS protocols.
SSL/TLS Management: Manage, troubleshoot, and resolve issues with SSL/TLS certificates, including misconfigurations, expirations, and incorrect chaining.
HTTPS Traffic Inspection: Decrypt and inspect HTTPS traffic to diagnose issues related to secure communication, including potential security vulnerabilities.
Automation & Scripting: Develop and maintain scripts and tools (using Python, Bash, PowerShell, etc.) to automate network monitoring, traffic analysis, and other tasks.
Patch management: Contribute to patch management processes by defining and executing upgrade cycles for critical systems—including Amazon EKS clusters, MSK, and operating systems—to ensure ongoing security, stability, and performance across the platform.
Infrastructure:
- Create, maintain, and improve the core “Infrastructure As Code” that supports Boku systems with tools such as Terraform, puppet and FluxCD.
- Design, develop, and deploy cloud security solutions and Boku systems such as :
- Encryption and key management
- SSL certificate management.
- Deployment orchestration and release management.
- Design and implement CI/CD pipelines to streamline development workflows, enhance automation, and accelerate delivery processes.
- Regularly reviewing existing systems and making recommendations for improvements.
Key Skills and Competencies
- Familiarity with major cloud platforms (AWS, Azure, GCP) and containerization technologies (Docker, Kubernetes)
- Strong experience with Kubernetes cluster management and AWS EKS
- Extensive experience with AWS Managed Streaming for Apache Kafka (MSK)
- Proficient in infrastructure-as-code tools such as Terraform, Puppet, and FluxCD
- Skilled in troubleshooting and investigation tools like Wireshark and tcpdump
- Experience with SSL certificate management, key management, and data encryption
- Hands-on experience with patch management processes and upgrading tools and systems including EKS clusters, operating systems, and third-party applications
- Good understanding of version control systems, particularly Git
- Working knowledge of build tools (Maven, Gradle) and CI/CD tools (Jenkins, GitHub Actions/Workflows)
- Strong problem-solving and analytical thinking skills
- Excellent communication skills and a strong team player
- Self-motivated with the ability to work independently and manage multiple priorities
- Adaptable and eager to learn new technologies in a dynamic environment
- Meticulous attention to detail and a strong commitment to code quality
- Experience mentoring and supporting junior team members
Qualifications
- Education:
- Bachelor's degree in computer science, security or equivalent
- Professional experience:
- 4+ years in security engineering, Infrastructure engineering, and security tools such as firewalls, intrusion detection systems, and vulnerability management tools
- Minimum of 4 years of experience in network communication, SSL/TLS management, and traffic analysis.
- Experience securing production environments hosted in Cloud (AWS) with access to sensitive and confidential customer data.
- Experience working within container orchestration solutions such as Kubernetes or Docker.
- Experience with deployment orchestration, automation, and security configuration management using tools like Jenkins, GitHub, Puppet, or Ansible.
- Experience with Terraform, Helm, Prometheus, and FluxCD.
- Hands-on experience with AWS and AWS security best practices
- Deep understanding of TCP/IP, HTTP/HTTPS, DNS, and SSL/TLS protocols and experience with tools like Wireshark, Fiddler, tcpdump, or Burp Suite.
- Strong scripting skills in languages like Python, Bash, or PowerShell.
- Experience managing, analyzing, and troubleshooting highly available and distributed systems.
Read Full Description