Principal DevOps Engineer

Remote from
USA
Salary, yearly, USD
180,000 - 230,000
Employment type
Full Time,
Job posted
Apply before
1 Aug 2026
Experience level
Director
Views / Applies
38 / 2

About NBCUniversal

NBCUniversal is a leading media and entertainment company that creates and distributes high-quality content across various platforms.

Actively Hiring
Verified job posting
This job post has been manually reviewed for authenticity and compliance.

AI Summary

NBCUniversal seeks a Principal DevOps Engineer to architect a Kubernetes-native platform for broadcast production environments. This role involves designing cloud infrastructure, developing Go-based services, and leading technical strategy across multi-account AWS and hybrid cloud setups. The engineer will drive platform vision, automate provisioning, and mentor teams while collaborating with broadcast systems engineers. This position offers a competitive salary in the media and entertainment industry.

Role DNA

Job Complexity
Easy Hard
Pace & Pressure
Relaxed Fast-paced
Autonomy Level
Guided Full Ownership
Communication Load
Independent Highly Collaborative
AI Insight The role requires deep expertise in Kubernetes, Go, and cloud-native architectures, along with leadership in designing complex, high-stakes broadcast infrastructure, warranting a difficulty rating of 5.

Salary Analysis

Median Market Rate
USD205,000
US Market
USD170k โ€“ 260k
0 USD286k
AI Insight The offered salary range of $180,000-$230,000 is highly competitive for a Principal DevOps Engineer, aligning with the top percentile of market rates for senior roles in media tech. The median of $205,000 reflects strong compensation for the level of expertise required.

Dear Hiring Manager,

I am excited to apply for the Principal DevOps Engineer role at NBCUniversal. With over a decade of experience architecting Kubernetes-native platforms and leading cloud infrastructure transformations, I am eager to bring my expertise to support NBC's broadcast production environments. My background includes designing custom controllers and operators in Go, implementing GitOps workflows, and scaling systems across multi-account AWS landscapes.

In my previous role, I led the development of a platform that automated provisioning for live production, reducing deployment times by 60%. I am particularly drawn to NBCUniversal's commitment to innovation and its impact on global media. I look forward to the opportunity to drive technical vision and mentor a talented team.

Thank you for considering my application. I am enthusiastic about the chance to contribute to NBCUniversal's legacy of excellence.

Describe your experience designing and implementing a Kubernetes-native platform for large-scale infrastructure automation.
In my previous role, I architected a platform using Kubernetes operators and Custom Resource Definitions to manage cloud resources across multiple AWS accounts. I implemented Crossplane compositions and GitOps workflows to automate provisioning, resulting in a 70% reduction in manual configuration.
How do you approach mentoring junior engineers while maintaining high delivery velocity?
I believe in leading by example and pair programming on complex tasks. I establish coding standards, conduct regular code reviews, and create internal documentation. I also allocate time for tech talks and encourage team members to contribute to open-source projects.
Explain a time you had to integrate an external system (e.g., DNS, certificate management) into a Kubernetes control plane.
I developed a custom Crossplane provider for Infoblox to manage DNS records as Kubernetes resources. This involved building Go controllers to handle CRUD operations and reconciliation loops, ensuring seamless integration with our platform's networking layer.
What strategies do you use to ensure high availability and resilience in a live broadcast environment?
I prioritize multi-region deployments with failover mechanisms, use pod anti-affinity and PDBs, and implement robust monitoring with Prometheus and Grafana. I also conduct chaos engineering experiments to validate system resilience under failure conditions.
How do you stay updated with the rapidly evolving cloud-native ecosystem?
I actively contribute to open-source projects like Crossplane and Kubernetes, attend KubeCon conferences, and follow CNCF landscape updates. I also maintain a personal lab environment to experiment with new tools and patterns.

Company Description

NBCUniversal is one of the world’s leading media and entertainment companies. We create world-class content, which we distribute across our portfolio of film, television, and streaming, and bring to life through our global theme park destinations, consumer products, and experiences. We own and operate leading entertainment and news brands, including NBC, NBC News, NBC Sports, Telemundo, NBC Local Stations, Bravo, and Peacock, our premium ad-supported streaming service. We produce and distribute premier filmed entertainment and programming through our powerhouse film and television studios, including Universal Pictures, DreamWorks Animation, and Focus Features, and the four global television studios under the Universal Studio Group banner, and operate industry-leading theme parks and experiences around the world through Universal Destinations & Experiences, including Universal Orlando Resort, home to Universal Epic Universe, and Universal Studios Hollywood. NBCUniversal is a subsidiary of Comcast Corporation. Visit www.nbcuniversal.com for more information.

Our impact is rooted in improving the communities where our employees, customers, and audiences live and work. We have a rich tradition of giving back and ensuring our employees have the opportunity to serve their communities. We champion an inclusive culture and strive to attract and develop a talented workforce to create and deliver a wide range of content reflecting our world.

Job Description

We are looking for a Principal DevOps Engineer to architect and evolve the platform that powers NBCโ€™s broadcast production environments. As a senior technical leader on the NBC Production Application Engineering team, you will design a Kubernetes-native platform that automates the provisioning, lifecycle management, and delivery of cloud infrastructure at enterprise scale.

Our team leverages infrastructure-as-code, custom Kubernetes controllers, and GitOps workflows to orchestrate resources across complex multi-account and hybrid cloud environments. Built to support the complex demands of live broadcast production, this platform spans compute provisioning, dynamic software defined networking, hybrid DNS models, remote Virtual Desktop Infrastructure (VDI), and robust configuration management via Puppet. Because we operate at the cutting edge of the cloud-native ecosystem, we are never shy about contributing upstream to the open-source projects we rely on to improve our solutions and push the industry forward.

In this role, you will drive the technical vision of the platform. You will write production Go services, architect cloud-native solutions, and establish the engineering standards our teams rely on. This role requires deep fluency across Kubernetes internals, cloud infrastructure, Go systems programming, and a passion for mentoring engineers.

PRIMARY RESPONSIBILITIES:

  • Platform Architecture & Vision: Architect a Kubernetes-native platform that models broadcast infrastructure as custom resources. Lead the technical strategy leveraging Crossplane compositions and custom Go functions to automate provisioning across multi-account AWS environments and on-prem control rooms.
  • Systems Engineering & Integrations: Design, build, and maintain production-grade Kubernetes operators, controllers, and internal platform APIs in Go. You will actively develop custom Crossplane providers to deeply integrate external enterprise platforms (such as NRCS, Venafi, and Infoblox) into our control plane, managing resource lifecycles and approval workflows.
  • Infrastructure & Networking Delivery: Lead the design of cloud networking, DNS strategies, and cross-account connectivity across hybrid environments, automating VPC topology and dynamic network routing.
  • Cross-Discipline Collaboration: Partner closely with broadcast systems engineers, system integrators, and external vendors to bridge the gap between broadcast hardware and automated infrastructure. You will lead efforts to “Puppet-ize” bare-metal compute configurations and integrate proprietary vendor solutions into our configuration-as-code ecosystem.
  • Technical Leadership: Serve as a technical authority for the team. Write RFCs, drive architectural decisions, mentor engineers, and establish high-confidence CI/CD pipelines, testing strategies, and GitHub Actions automation.
  • Access & Security Strategy: Own the platform’s authorization model, designing hierarchical RBAC systems, resource identifier schemes, and identity integrations that enforce fine-grained access control.
  • Operational Excellence: Drive GitOps-based continuous delivery (Flux, Kustomize, Helm) and manage configuration-as-code for compute fleets using Puppet. Ensure deep operational visibility by designing comprehensive observability and alerting stacks.
  • VDI Integration: Oversee the integration of remote desktop/VDI connectivity solutions, focusing on session authentication, credential management, and gateway routing.

Qualifications

  • Experience: 10+ years of experience designing, building, and operating production infrastructure and cloud-native platforms at enterprise scale.
  • Software Engineering: Strong proficiency in Go (systems-level programming, API servers) and deep experience building Kubernetes controllers/operators using patterns like controller-runtime and kubebuilder.
  • Kubernetes Internals: Expert-level knowledge of the Kubernetes ecosystem, including CRD/XRD generation, operators, informers, admission webhooks, and RBAC.
  • Crossplane & Control Planes: Deep production experience with Crossplane, including composite resources, composition functions, and specifically developing custom Crossplane providers in Go to integrate external enterprise platforms.
  • AWS & Networking: Extensive production experience with AWS multi-account architectures, cross-account networking patterns, and identity federation. Requires depth across EKS, EC2, VPC, IAM, STS, SSM, Secrets Manager, Route 53, and S3.
  • GitOps Delivery: Production experience with GitOps tooling, specifically Flux (HelmRelease, Kustomization) or ArgoCD for continuous delivery on Kubernetes.
  • Configuration Management: Hands-on experience with Puppet, including module development, PuppetDB, Hiera, and r10k.
  • APIs & Security: Experience designing REST APIs with middleware patterns and modern authentication (OAuth/JWT). Keen eye for information security, including cross-account IAM trust chains, least-privilege policies, JWT token lifecycles, and secrets abstraction.
  • Observability: Strong background in designing telemetry platforms using Grafana, Prometheus/Mimir, Loki, OpenTelemetry, and metrics collection agents (Alloy, Prometheus Node Exporter).
  • Databases: Working knowledge of PostgreSQL, SQLite or similar relational databases, encompassing schema design, migrations, and query optimization.
  • Communication: Excellent problem-solving skills with a proven ability to present architectural decisions to executives, engage with vendors, and write clear technical documentation.

PREFERRED QUALIFICATIONS:

  • Familiarity with broadcast/media production workflows and the strict operational constraints of live production environments.
  • Experience with the Crossplane function SDK for building custom composition functions in Go, and operating in Kubernetes disaster recovery situations (Velero cluster restoration, backups).
  • Familiarity with VDI Solutions (NICE DCV, Leostream, PCoIP, etc), machine identity workflows, and PKI certificate management (Venafi or similar).
  • Networking & Gateway: Experience with hybrid DNS architectures (Infoblox), software-defined networking (VPC peering, Transit Gateway, Direct Connect, CloudWan), and Envoy Gateway / Gateway API.
  • Ecosystem Tooling: Familiarity with advanced testing frameworks (k6, KUTTL, etc), SOPS for encrypted GitOps configurations, and local development workflows (Air, kind/colima).
  • Scripting: Ability to script routine tasks in Bash and PowerShell.
  • Open Source: Active contributions to open-source projects, particularly within the CNCF / Kubernetes ecosystem.

Fully Remote:โ€ฏThis position has beenย designatedย as fully remote, meaning that the position is expected to contribute from aย non-NBCUniversalย worksite, most commonly an employeeโ€™s residence.ย 

  • This position is eligible for company sponsored benefits, including medical, dental and vision insurance, 401(k), paid leave, tuition reimbursement, and a variety of other discounts andย perks. Learn more about the benefits offered by NBCUniversal by visiting theโ€ฏBenefits pageโ€ฏof the Careers website. Salary range: $180,000 – $230,000โ€ฏ(bonus eligible)ย 

Additional Information

As part of our selection process, external candidates may be required to attend an in-person interview with an NBCUniversal employee at one of our locations prior to a hiring decision. NBCUniversal’s policy is to provide equal employment opportunities to all applicants and employees without regard to race, color, religion, creed, gender, gender identity or expression, age, national origin or ancestry, citizenship, disability, sexual orientation, marital status, pregnancy, veteran status, membership in the uniformed services, genetic information, or any other basis protected by applicable law.ย 

If you are a qualified individual with a disability or a disabled veteran, you have the right to request a reasonable accommodation if you are unable or limited in your ability to use or accessย nbcunicareers.comย as a result of your disability. You can request reasonable accommodations by emailingย [email protected].

For LA County and City Residents Only: NBCUniversal will consider for employment qualified applicants with criminal histories, or arrest or conviction records, in a manner consistent with relevant legal requirements, including the City of Los Angeles’ Fair Chance Initiative For Hiring Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act, where applicable.

Apply now >

This job listing has been manually reviewed by the Jobicy Trust & Safety Team for compliance with our posting guidelines, including verification of the company's legitimacy, accuracy of job details, clarity of remote work policy, and absence of misleading or fraudulent content.

How to apply

Did you apply? Let us know, and weโ€™ll help you track your application.

See a few more

Similar DevOps & Infrastructure remote jobs

Job Search Safety Tips

Here are some tips to help you search and apply for jobs safely:
Watch out for suspicious jobs Don't apply for jobs that offer high pay for little work or offer to hire you without an interview. Read more โ€บ
Check the employer's profile Make sure you're applying for a trustworthy job by visiting the employer's profile and learning more about them. Read more โ€บ
Protect your information Don't share personal details like your bank account or government-issued ID on suspicious websites or messengers. Read more โ€บ
Report jobs that feel unsafe If you see a job that seems misleading, inappropriate or discriminatory, report it for going against our policies and we'll review it.

Share this job

Jobicy+ Subscription

Jobicy

617 professionals pay to access exclusive and experimental features on Jobicy

Free

USD $0/month

For people just getting started

  • • Unlimited applies and searches
  • • Access on web and mobile apps
  • • Weekly job alerts and digest
  • • Access to additional tools like Bookmarks, Applications, and more

Plus

USD $8/month

Everything in Free, and:

  • • Ad-free experience
  • • Daily job alerts and digest
  • • Personal career consultant
  • • AI-powered job advice
Go to account โ€บ