Senior Site Reliability Engineer — Minneapolis, MN

Position Overview:

The Instant Financial Issuance as a Service (IFIaaS) Cloud Service includes a wide array of components including web services, application servers, and databases hosted in an on-prem environment. The Sr. Site Reliability Engineer (SRE) will be responsible for ensuring that the SaaS platform is reliable, available, and performant, as well as scalable, secure, and cost-effective. Ultimately, the individual will be responsible for the platform uptime, functional management of all the IFIaaS cloud environments, applications, networks, scoping projects, and the resolution of application and network issues.

How You Can Make an Impact:

The Instant Financial Issuance as a Service (IFIaaS) Cloud Platform spans multiple on‑prem environments. The Senior Site Reliability Engineer (SRE) will play a critical role in ensuring the platform’s reliability, scalability, security, and operational excellence across these geographically distributed environments. Given the asymmetric nature of our data centers, the SRE will design and operate systems that prioritize local HA while ensuring effective, tested, and compliant failover for DR scenarios. This role includes responsibility for platform uptime, environment management, network and application reliability, observability, automation maturity, compliance, and operational excellence.

Responsibilities

• Own SLOs/SLIs for availability (99.9%), latency, error rate, and quality of service across microservices.
• Design/operate end‑to‑end observability: metrics, logs, traces, synthetic checks, real‑user monitoring (RUM).
• Instrument services (Windows services, APIs, background jobs) with structured logs and trace context.
• Build health probes and SLA monitors for critical transactions and cross-service dependencies.
• Monitor system issues using various metrics, such as uptime, latency, error rate, throughput, and availability
• Deploy and maintain monitoring and on-call tools i.e.: Splunk on-call, Prometheus, Datadog, etc.
• Lead incident response (triage, comms, coordination, real-time mitigation) and conduct blameless postmortems with actionable follow-ups.
• Maintain and continuously improve runbooks, escalation paths, on call rotations, and paging policies.
• Implement MTTA/MTTR reduction programs.
• Stand up war room protocols and ensure stakeholder updates during incidents.
• Forecast compute, storage, network needs, track headroom against growth and peak patterns.
• Conduct performance profiling and bottleneck analyses (CPU, memory, I/O, thread pools, connection pools).
• Optimize resource allocation on VMware (DRS, affinity rules, reservations) and Windows VM tuning (kernel, TCP stack, NICs).
• Validate scaling strategies (horizontal vs. vertical) and implement auto-scaling where supported.
• Standardize gold images, configuration baselines, and desired state for Windows Server (PowerShell DSC or equivalent).
• Manage patching (OS, middleware, runtime) with maintenance windows aligned to error budgets.
• Ensure backup, snapshot, and restore strategies meet RPO/RTO; regularly test restores.
• Maintain secure baselines (CIS benchmarks for Windows/VMware), vulnerability management, and patch cadence.
• Support compliance audits (PCI-CP, PCI-DSS, SOC 2/ISO 27001), produce evidence (configs, logs, access reviews), and remediate gaps.
• Automate provisioning (VM templates, DSC/Ansible for Windows, Terraform for VMware) and configuration drift detection/correction.
• Build runbooks to reduce toil (deploy, scale, rollback, etc)
• Create reliability guardrails (pre‑flight checks, change freeze rules, policy controls) as code.
• Continuously refactor scripts/runbooks into idempotent automation.
• Collaborate with development teams and other stakeholders to identify potential risks, such as security vulnerabilities, performance bottlenecks, deployment issues, or configuration errors
• implement various risk mitigation strategies, such as patching, backup, redundancy, encryption, or testing
• Collaborate with product teams and other teams to understand the user needs, expectations, and satisfaction.
• Coach engineers on SRE principles, incident handling, and reliability centric design.
• Lead knowledge sharing, runbooks quality, and postmortem culture (blameless, action-oriented).
• Provide after-hours support for production issues on a rotational basis with other team members to ensure system availability 24/7/365.

Basic Qualifications

• 5+ years of experience in SRE, DevOps, or Software Engineering roles supporting distributed, production-grade environments, with strong skills in troubleshooting microservices, Windows/VMware systems, and on‑prem hybrid infrastructure.
• Hands‑on experience with automation and observability, including Terraform/Ansible/DSC, CI/CD pipelines, logs/metrics/tracing systems, and enterprise monitoring tools such as Datadog, Prometheus, or Splunk.
• Demonstrated capability with infrastructure automation tools (Terraform, Ansible, Jenkins, Octopus, PowerShell DSC, etc.).
• Proficiency in VMware, Windows Server administration, networking fundamentals, and system‑level performance analysis.
• Hands‑on experience operating and troubleshooting enterprise microservices, APIs, and distributed application stacks in on‑prem/hybrid infrastructure.
• Must have: Ability to provide after-hours production support on a rotational basis to ensure 24/7/365 system availability.

Preferred Qualifications

• Demonstrated integrity and accountability, including reliability, ownership of mistakes, and commitment to high operational standards across compliance-sensitive environments (PCI‑DSS, PCI‑CP, SOC2).
• High self‑confidence, strong presentation and communication abilities, and a history of leading through example, helping establish a culture of operational excellence and continuous improvement.
• Leadership behaviors, including initiative, thoughtful risk‑taking, reflective decision‑making, and the ability to take action confidently amid uncertainty.

Where you will be: This hybrid role requires three in‑office days per week in Minneapolis, Ottawa, Colorado, or Dallas, as outlined in the job description. Entrust operates with a distributed workforce.

About Entrust:

Entrust keeps the world moving safely by enabling trusted identities, payments and data protection around the globe. Today more than ever, people demand seamless, secure experiences, whether they’re crossing borders, making a purchase, or accessing corporate networks. With our unmatched breadth of digital security and credential issuance solutions, it’s no wonder the world’s most entrusted organizations trust us.

For more information, visit www.entrust.com. Follow us on, LinkedIn, Facebook, Instagram, and YouTube

Entrust Corporation is an EOE/AA/Veteran/People with Disabilities employer.

NO AGENCIES, NO RELOCATION

#LI-GR1

#ENT123