Site Reliability Engineer II in Falls Church, Virginia at Kastle Systems

Join the leader in providing smarter solutions for a safer world.

The property technology space is growing rapidly, and Kastle Systems is leading the way. Kastle Systems is the leader in managed security, with a track record of introducing innovative technologies to serve over 460M square feet of real estate globally. Clients span the commercial and multifamily real estate, education, and construction industries and the customers they serve. Delivering a world class customer experience drives everything we do, and Kastle’s mission is to be our customers’ best service provider and to ensure that their security the most effective, efficient and convenient. Kastle's integrated security solution, including access control, video, and remote video monitoring, significantly reduces costs and improves the critically important 24x7 performance for building owners, developers and tenants.

Site Reliability Engineer II

The SRE II sits at the intersection of software engineering and platform operations. You will own the reliability, scalability, and operational hygiene of Kastle’s core infrastructure – engineering away toil, hardening deployment pipelines, and partnering with product engineering teams to make new services production-ready from day one.

This is a mid-level individual contributor role. You are expected to execute technical work independently, drive reliability improvements end-to-end, and participate meaningfully in architecture discussions. You will carry on-call responsibilities as part of a shared rotation with a well-defined escalation model and a strong blameless post-incident review culture.

The team is in the middle of a meaningful platform evolution: formalizing multi-tier release pipelines (Dev → QA → Integration → UAT → Prod) with ArgoCD-based approval gates, building out SLI/SLO frameworks, and migrating toward full GitOps. You will be a hands-on contributor to all of it.

• Own and evolve the multi-stage deployment pipeline using ArgoCD, including approval gates, promotion policies, and rollback mechanisms.
• Maintain trunk-based branching discipline and enforce release governance standards across the engineering organization.
• Manage feature flag lifecycle – from creation and gradual rollout to deprecation – in coordination with product and QA teams.
• Build and maintain CI/CD pipelines that enable safe, frequent, and auditable deployments.

• Provision and manage Azure infrastructure using Terraform or OpenTofu, maintaining drift-free state aligned with GitOps principles.
• Own Kubernetes cluster operations including workload scheduling, resource optimization, RBAC, network policy, and cost governance.
• Identify and act on infrastructure cost optimization opportunities (compute rightsizing, storage tier selection, idle resource elimination).
• Support Crossplane or similar operator patterns for Kubernetes-native infrastructure management where applicable.

• Define, instrument, and enforce SLIs and SLOs in partnership with product engineering teams.
• Build and maintain observability infrastructure – metrics, logs, and distributed traces – using Prometheus, Grafana, OpenTelemetry, or equivalent tooling.
• Conduct proactive capacity planning and performance tuning across multi-tenant, distributed environments.
• Establish and maintain runbooks, dashboards, and alerting policies that reduce cognitive overhead during incidents.

• Participate in shared on-call rotation covering core platform and infrastructure services; on-call load is balanced across the team with structured handoff practices.
• Lead mitigation of live production incidents with a focus on minimizing MTTR and clear stakeholder communication under pressure.
• Facilitate blameless post-incident reviews and drive preventative engineering to closure – not just documentation.

• Embed with product engineering teams during design and architecture phases to establish reliability, scalability, and security requirements before code is written.
• Maintain clear, comprehensive documentation for infrastructure architecture, operational procedures, and onboarding guides.
• Push back constructively when proposed designs compromise reliability or operability, proposing alternatives rather than just raising concerns.

• Experience: 4–6 years in an SRE, Platform Engineering, or Infrastructure Engineering role, with demonstrated ownership of production systems.
• Cloud – Azure: Hands-on experience managing production infrastructure in Azure: AKS, Azure Container Registry, Azure Monitor, Cosmos DB, Key Vault, Azure Front Door, or equivalent services. AWS/GCP backgrounds considered with clear willingness to operate in Azure.
• Kubernetes: Deep operational experience with Kubernetes in production: resource management, network policies, RBAC, HPA/VPA, persistent volumes, and debugging live workload issues.
• GitOps & Release Tooling: Experience with ArgoCD, Flux, or equivalent GitOps deployment tools. Familiarity with multi-stage progressive delivery and approval gate patterns is a strong plus.
• Infrastructure as Code: Proven track record with Terraform, OpenTofu, or Pulumi in a production GitOps context – not just writing HCL, but maintaining drift-free state and managing state backends safely.
• Observability: Hands-on configuration of Prometheus, Grafana, OpenTelemetry, and/or ELK/OpenSearch. Ability to go from symptom to instrumentation to dashboard without hand-holding.
• Programming & Scripting: Proficiency in Python or Go for automation and tooling; strong Bash scripting. Ability to read and reason about application code when debugging production issues. Proficiency in C# and SQL for reviewing deliverables and participating in triage.
• Linux & Networking: Solid understanding of Linux internals, TCP/IP, DNS, TLS, and HTTP semantics. Comfortable debugging at the network and OS layer.

• Experience with Crossplane or other Kubernetes-native infrastructure operators.
• Familiarity with feature flag platforms (LaunchDarkly, Flagsmith, or similar) and gradual rollout strategies.
• Background in IoT, physical security, access control, or other latency-sensitive, event-driven domains.
• Comfort with async collaboration across distributed time zones (US + India team structure).
• Experience with AI-assisted development tooling and an appetite to incorporate it into engineering workflows.
• Knowledge of CMMC 2.0, SOC 2, or FedRAMP compliance postures as they apply to infrastructure and access control.