Senior DevSecOps Engineer
About the company
The transition to a sustainable future requires discovering new mineral resources to power clean technologies and renewable energy solutions. From lithium for electric vehicle batteries, to copper for wind turbines, and rare earth elements for electronics — these minerals are the building blocks of our energy transition.
Lithosquare radically speeds up mineral exploration by combining foundational AI, geological expertise, and real-world data — to reduce uncertainty, prioritize the right targets, reduce costs and accelerate discovery.
Based in Paris, Lithosquare has gathered an exceptional team of geologists, scientists, AI engineers, and data specialists to work as one — from field sampling to model optimization — and push the boundaries of what’s possible.
About the job
As a Senior DevSecOps engineer, you will own the platform that runs our Geology OS and the services around it: multi-environment Kubernetes estates, infrastructure as code, GitOps delivery, and the observability and security practices that keep exploration and AI workloads reliable. Your mission is to turn clear engineering standards into repeatable automation — safe changes, fast recovery, and strong guardrails for sensitive data.
You will work closely with Software, AI, Data and Product Engineers to make the path from commit to production predictable and auditable, and to evolve our stack (cloud networking, identity, CI/CD, monitoring, and cost-aware operations) as the company scales. We value practical security (least privilege, secrets hygiene, supply-chain awareness) and operational clarity (SLOs, runbooks, incident learning).
The role is based in Paris with a flexible remote working policy.
What you’ll do
Platform & IaC: design and maintain Terraform (and related automation) for networking, identity, data services, and shared platform components across dev / staging / production and supporting accounts or projects.
Kubernetes operations: operate and improve clusters for internal and production-facing workloads: ingress, TLS, storage patterns, workload identity, and sane defaults for reliability and cost.
GitOps & delivery: evolve declarative cluster configuration and safe promotion patterns so platform and application changes are reviewable, traceable, and rollback-friendly.
CI/CD: own pipelines that plan, review, and apply infrastructure changes with strong gates (formatting, plans, approvals where appropriate) and keyless/OIDC-style authentication to clouds where possible.
Observability & SRE practices: maintain metrics, logging, and dashboards; define SLOs and alerting that reduce noise; drive post-incident improvements and capacity/cost awareness.
Security & compliance: embed security in the delivery lifecycle: RBAC, secrets management, image and dependency hygiene, and alignment with how we handle sensitive exploration and research data.
Resilience: backup/restore and disaster-recovery patterns for stateful platform services; practice restores and document runbooks.
Developer experience: streamline how engineers obtain environments, access internal tools (analytics, notebooks, workflow engines), and debug production-like issues — without compromising isolation or security.
Cross-functional collaboration: partner with AI, data, and geology stakeholders to translate their needs into durable platform contracts (SLAs, interfaces, quotas, and guardrails).
Tech advocacy: evaluate and adopt open-source and cloud-native tooling that improves safety, speed, or operability — with a bias for boring technology that scales.
Technical Stack
Languages & scripting: Python, Bash, YAML; comfort reading HCL (Terraform).
Cloud & multi-cloud: strong hands-on with at least one major hyperscaler; experience with multiple clouds or providers is a plus (networking, IAM, managed data primitives).
Containers & orchestration: Docker, Kubernetes (production experience), Helm/Kustomize-style composition as used in GitOps repos.
IaC & GitOps: Terraform; Flux (or equivalent GitOps controller) mindset: reconciled desired state, PR-based change flow.
CI/CD: GitHub Actions or similar; OIDC/workload identity patterns for cloud access; artifact and image promotion practices.
Networking & edge: ingress controllers, certificates (e.g. cert-manager class of tooling), internal vs external exposure patterns.
Observability: Prometheus-compatible metrics stacks, Grafana; pragmatic log and trace strategies.
Data-adjacent platform: comfort supporting workflow engines, analytics/BI, and notebook or research environments as platform workloads (not necessarily owning the data models themselves).
What we are looking for
5+ years in DevOps, SRE, or platform engineering, with a track record of operating production systems (not only building demos).
Kubernetes depth: scheduling, networking, storage, upgrades, debugging; understanding failure modes and blast radius.
Terraform discipline: modules, state, workspaces or equivalent patterns; safe change management and code review culture for infra.
Security mindset: threat modeling at a practical level; secrets and identity done right; comfortable saying “no” or “not yet” when a shortcut creates durable risk.
SRE habits: SLIs/SLOs, alerting design, incident response, and toil reduction through automation.
Communication: you can explain trade-offs to non-infra engineers and document decisions so the team can onboard and operate without heroics.
Mission-driven: genuine interest in the energy transition and in supporting hard, physical-world problems with dependable software platforms.
Perks & Benefits
🏢 Offices located in the heart of Paris
🌱 Strong culture of ownership & entrepreneurship, with clear growth paths as the company expands
🌍 Opportunity to significantly contribute to energy transition
👥 Collaborative work environment with world-class experts in geology, AI, and data science
🔄 Flexible work arrangements enabling work-life balance
💰 Competitive salary package
🍽️ Meal vouchers and premium health insurance coverage (Alan)
Join Lithosquare and help build the reliable, secure platform behind AI-driven Earth exploration - so our science and product teams can move fast without breaking trust or availability.
- Department: Technology
- Locations: Paris
- Remote status: Hybrid