Truist Inc
Senior Platform Engineer Governance, Automation, and Enablement
We are seeking a highly skilled and hands-on Senior Platform Engineer to help engineer and scale enterprise-grade platform services that power consistent, secure, and compliant software delivery. This role focuses on designing, building, and maintaining foundational platform capabilitiesincluding change automation, asset lifecycle tracking, policy-as-code controls, and automated testing infrastructurethat enable high-velocity teams to deliver safely in regulated environments. The ideal candidate brings a software engineering mindset to platform problems, a deep understanding of declarative automation patterns, and experience working across platform domains to deliver reusable, standardized capabilities. Platform Engineering and Enablement
Design and build shared services and golden path tooling that standardize how teams manage change, track assets, and enforce policies across hybrid and cloud-native environments. Engineer modular, reusable automation patterns that enable developer self-service while ensuring compliance with enterprise requirements. Collaborate with architects and security stakeholders to translate platform governance requirements into codified controls and declarative enforcement logic. Change Management & Deployment Governance
Implement and maintain change automation pipelines that integrate with GitOps, CI/CD, and approval workflows, reducing friction while maintaining control integrity. Contribute to the platforms definition of done standards related to change visibility, audit trail completeness, rollback safety, and compliance readiness. Asset Lifecycle and Inventory Management
Contribute to the design and engineering of asset registration and classification systems for infrastructure, applications, APIs, secrets, and deployment artifacts. Develop integration patterns with enterprise CMDBs or asset graphs to support traceability, policy enforcement, and cost attribution across the lifecycle. Policy-as-Code and Compliance Automation
Implement policy-as-code frameworks (e.g., OPA/Gatekeeper, Kyverno, Sentinel) to enforce runtime, provisioning, and configuration policies in code pipelines. Build pre-commit and pre-deploy hooks to automate policy validation as part of SDLC, ensuring adherence to NIST, FFIEC, SOC2, and other regulatory standards. Deliver actionable feedback loops and policy exemptions aligned with secure-by-design and audit-friendly expectations. Test Engineering and Quality Automation
Contribute to the design and extension of automated test frameworks for both application and infrastructure componentsunit, integration, compliance, contract, and drift detection. Integrate testing standards into golden pipelines, templates, and platform scaffolding used by internal teams. Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time. Lead, guide, educate, and provide thought leadership to our delivery teams as related to their optimum adoption of DevSecOps practices and framework. Champion the use of DevSecOps as a strategic asset of culture change to enhance the flow of business value to our clients. Make informed decisions and determine which tool best fits any given situation based on proficiencies with multiple vendor products based on each of the above capabilities. Develop and recommend DevSecOps best practices. Use sophisticated, analytical thought to exercise judgment and design innovative solutions for the most complex components of the DevSecOps lifecycle. Works independently, with guidance in only the most complex situations. Provide technical and process guidance to junior team members. Build and maintain the automation and streamlining of software delivery and operations for new or existing software applications through advanced proficiency and subject matter expertise in vendor tools in the DevOps lifecycle including: Infrastructure as Code; Agile and Development Lifecycle Management; Source Code Management; Build Orchestration; Build Management; Artifact Repository Management; Behavior Driven Development; Test Driven Development; Automated Testing including Unit Testing, Integration Testing, Functional Testing, Smoke Testing, Regression Testing, Stress Testing, and Performance Testing; Static Code Analysis; Load and Performance Testing; Artifact Scanning; Database Schema Management, Orchestration and Recovery; Compliance Automation and Audit Trails; Configuration Management; Containers; Application Release Automation; Deployment Strategies and Patterns including Blue/Green Deployment, Canary Releases, and Rolling Releases; Logging and Log Analytics; and Performance Monitoring and Management. Liaise with DevSecOps Center for Enablement (C4E) to ensure that Enterprise tools or practices are followed, and to share information about any team specific tools or practices that may benefit other teams. Active participant with the Truist Agile Guild and Agile DevOps Communities of Practice. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Bachelor's degree in Business or Computer Science and ten+ years of experience in software engineering or IT including at least four years of experience in a role in which the primary responsibility is git based application code development and/or DevOps Engineering and/or the development, maintenance, and support of CI/CD pipelines or appropriate combination of industry related professional experience and education Foundational cloud architecture knowledge Must demonstrate ability to write code Must demonstrate ability to construct basic application build pipeline Hands-on experience with platform infrastructure tools such as: Terraform, Helm, ArgoCD, GitHub Actions, Jenkins, Backstage, Kustomize Experience building automated workflows for change, asset, or compliance lifecycle management in regulated environments. Demonstrated success implementing policy-as-code solutions in CI/CD pipelines (e.g., OPA, Kyverno, Sentinel). Proficiency in at least one scripting or infrastructure language (e.g., Python, Go, TypeScript, Bash). Understanding of audit and regulatory control requirements in industries like finance, healthcare, or insurance (e.g., SOX, FFIEC, NIST 800-53/137). Strong communication and documentation skills, with a track record of collaborating across platform, security, and compliance domains. Experience integrating with enterprise CMDBs, asset discovery tools, or telemetry-driven asset classification solutions. Familiarity with ServiceNow Change & Asset modules, or similar ITSM platforms, and experience driving automation around them. Experience developing or contributing to internal developer platforms (IDPs) or developer onboarding scaffolding. Prior contributions to reusable platform scaffolding, controller patterns, or GitOps operator frameworks. Experience with compliance-as-code, GRC tooling integration, or mapping code-based controls to enterprise risk frameworks. Sitting Constantly (More than 50% of the time) Standing Occasionally (Less than 25% of the time) Walking Occasionally (Less than 25% of the time) Visual / Audio / Speaking Able to access and interpret client information received from the computer and able to hear and speak with individuals in person and on the phone. Manual Dexterity / Keyboarding Able to work standard office equipment, including PC keyboard and mouse, copy/fax machines, and printers. Availability Able to work all hours scheduled, including overtime as directed by manager/supervisor and required by business need. Travel Minimal and up to 10% All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truists generous benefit plans, please visit our Benefits site. Truist is an Equal Opportunity Employer that does not discriminate on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Truist is a Drug Free Workplace.
We are seeking a highly skilled and hands-on Senior Platform Engineer to help engineer and scale enterprise-grade platform services that power consistent, secure, and compliant software delivery. This role focuses on designing, building, and maintaining foundational platform capabilitiesincluding change automation, asset lifecycle tracking, policy-as-code controls, and automated testing infrastructurethat enable high-velocity teams to deliver safely in regulated environments. The ideal candidate brings a software engineering mindset to platform problems, a deep understanding of declarative automation patterns, and experience working across platform domains to deliver reusable, standardized capabilities. Platform Engineering and Enablement
Design and build shared services and golden path tooling that standardize how teams manage change, track assets, and enforce policies across hybrid and cloud-native environments. Engineer modular, reusable automation patterns that enable developer self-service while ensuring compliance with enterprise requirements. Collaborate with architects and security stakeholders to translate platform governance requirements into codified controls and declarative enforcement logic. Change Management & Deployment Governance
Implement and maintain change automation pipelines that integrate with GitOps, CI/CD, and approval workflows, reducing friction while maintaining control integrity. Contribute to the platforms definition of done standards related to change visibility, audit trail completeness, rollback safety, and compliance readiness. Asset Lifecycle and Inventory Management
Contribute to the design and engineering of asset registration and classification systems for infrastructure, applications, APIs, secrets, and deployment artifacts. Develop integration patterns with enterprise CMDBs or asset graphs to support traceability, policy enforcement, and cost attribution across the lifecycle. Policy-as-Code and Compliance Automation
Implement policy-as-code frameworks (e.g., OPA/Gatekeeper, Kyverno, Sentinel) to enforce runtime, provisioning, and configuration policies in code pipelines. Build pre-commit and pre-deploy hooks to automate policy validation as part of SDLC, ensuring adherence to NIST, FFIEC, SOC2, and other regulatory standards. Deliver actionable feedback loops and policy exemptions aligned with secure-by-design and audit-friendly expectations. Test Engineering and Quality Automation
Contribute to the design and extension of automated test frameworks for both application and infrastructure componentsunit, integration, compliance, contract, and drift detection. Integrate testing standards into golden pipelines, templates, and platform scaffolding used by internal teams. Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time. Lead, guide, educate, and provide thought leadership to our delivery teams as related to their optimum adoption of DevSecOps practices and framework. Champion the use of DevSecOps as a strategic asset of culture change to enhance the flow of business value to our clients. Make informed decisions and determine which tool best fits any given situation based on proficiencies with multiple vendor products based on each of the above capabilities. Develop and recommend DevSecOps best practices. Use sophisticated, analytical thought to exercise judgment and design innovative solutions for the most complex components of the DevSecOps lifecycle. Works independently, with guidance in only the most complex situations. Provide technical and process guidance to junior team members. Build and maintain the automation and streamlining of software delivery and operations for new or existing software applications through advanced proficiency and subject matter expertise in vendor tools in the DevOps lifecycle including: Infrastructure as Code; Agile and Development Lifecycle Management; Source Code Management; Build Orchestration; Build Management; Artifact Repository Management; Behavior Driven Development; Test Driven Development; Automated Testing including Unit Testing, Integration Testing, Functional Testing, Smoke Testing, Regression Testing, Stress Testing, and Performance Testing; Static Code Analysis; Load and Performance Testing; Artifact Scanning; Database Schema Management, Orchestration and Recovery; Compliance Automation and Audit Trails; Configuration Management; Containers; Application Release Automation; Deployment Strategies and Patterns including Blue/Green Deployment, Canary Releases, and Rolling Releases; Logging and Log Analytics; and Performance Monitoring and Management. Liaise with DevSecOps Center for Enablement (C4E) to ensure that Enterprise tools or practices are followed, and to share information about any team specific tools or practices that may benefit other teams. Active participant with the Truist Agile Guild and Agile DevOps Communities of Practice. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Bachelor's degree in Business or Computer Science and ten+ years of experience in software engineering or IT including at least four years of experience in a role in which the primary responsibility is git based application code development and/or DevOps Engineering and/or the development, maintenance, and support of CI/CD pipelines or appropriate combination of industry related professional experience and education Foundational cloud architecture knowledge Must demonstrate ability to write code Must demonstrate ability to construct basic application build pipeline Hands-on experience with platform infrastructure tools such as: Terraform, Helm, ArgoCD, GitHub Actions, Jenkins, Backstage, Kustomize Experience building automated workflows for change, asset, or compliance lifecycle management in regulated environments. Demonstrated success implementing policy-as-code solutions in CI/CD pipelines (e.g., OPA, Kyverno, Sentinel). Proficiency in at least one scripting or infrastructure language (e.g., Python, Go, TypeScript, Bash). Understanding of audit and regulatory control requirements in industries like finance, healthcare, or insurance (e.g., SOX, FFIEC, NIST 800-53/137). Strong communication and documentation skills, with a track record of collaborating across platform, security, and compliance domains. Experience integrating with enterprise CMDBs, asset discovery tools, or telemetry-driven asset classification solutions. Familiarity with ServiceNow Change & Asset modules, or similar ITSM platforms, and experience driving automation around them. Experience developing or contributing to internal developer platforms (IDPs) or developer onboarding scaffolding. Prior contributions to reusable platform scaffolding, controller patterns, or GitOps operator frameworks. Experience with compliance-as-code, GRC tooling integration, or mapping code-based controls to enterprise risk frameworks. Sitting Constantly (More than 50% of the time) Standing Occasionally (Less than 25% of the time) Walking Occasionally (Less than 25% of the time) Visual / Audio / Speaking Able to access and interpret client information received from the computer and able to hear and speak with individuals in person and on the phone. Manual Dexterity / Keyboarding Able to work standard office equipment, including PC keyboard and mouse, copy/fax machines, and printers. Availability Able to work all hours scheduled, including overtime as directed by manager/supervisor and required by business need. Travel Minimal and up to 10% All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truists generous benefit plans, please visit our Benefits site. Truist is an Equal Opportunity Employer that does not discriminate on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Truist is a Drug Free Workplace.