Contract SRE / Platform Engineer — (GitHub, Datadog, ServiceNow, Jira, CircleCI, Jenkins)

Posted 2 hours ago

Worldwide

Summary

What this is We're a seed-stage company building cryptographic incident-evidence infrastructure for regulated firms. Our product connects to a customer's existing stack — source control, monitoring, deployment pipelines, and delivery destinations like ServiceNow and Jira — and produces signed receipts attributing incidents to code changes. Our biggest risk isn't the application UI. It's the moment our Connections layer meets a real vendor system — where a correlation field is named something we didn't expect, a workflow got renamed, a webhook secret rotated, or a squash-merge changed which commit SHA shows up. Each of our integrations ships with a "validate this against the customer's actual system before go-live" step. We want that validation done once, by you, before a customer does it for us. What you'll do Stand up the real constellation — your own sandboxes, not mocks: A GitHub org with real repos, PRs, squash/rebase/merge-commit histories, and Actions workflows A Datadog trial (and/or Sentry) emitting real alerts A ServiceNow developer instance and a Jira/JSM sandbox CircleCI and a Jenkins box you control A Slack workspace and webhook/email endpoints Then run every connect flow, correlation match, and go-live step as an adversarial customer — someone who does the slightly-wrong, entirely-realistic thing: Point a connection at the wrong correlation field, a field that exists but isn't populated, or one populated inconsistently Rename a workflow / environment after connecting and confirm the system surfaces it instead of silently guessing Rotate a signing secret mid-stream and verify the rotation-overlap behaves and old signatures stop verifying Push squash merges and confirm deploy events still join to the right change (or land "unlinked" honestly, never guessed) Send unsigned, replayed, malformed, and stale webhook deliveries and confirm they're rejected and logged, never acted on Drive the correlation matcher toward zero / ambiguous / wrong-tenant matches and confirm it attaches to the right ticket or none Confirm every "source reads Live only after a real event" and "read-only, never writes back" claim actually holds against the live vendor Deliverable A findings report an engineer can act on: environment setups documented (so we can reproduce them), each behavior verified or flagged, with repro steps, the vendor-side configuration that triggered it, and severity — weighted toward anything where we'd attach to the wrong record, trust an unverified event, or write back to a system we promised we'd only read. You're a strong fit if you Work as an SRE / platform / DevOps engineer and have wired up these systems for real — webhooks, OAuth apps, CI/CD pipelines, ServiceNow/Jira integrations Are comfortable spinning up and configuring vendor sandboxes independently, from their docs Think like an operator who's seen integrations break in production — you know the difference between "works in the demo" and "works on a customer's actual Jenkins with their quoting and their agents" Can script harnesses (bash/Python) to generate events, sign payloads, and replay traffic Bonus: exposure to HMAC/webhook signing, correlation/matching logic, or regulated-industry change-management (ServiceNow/JSM in anger) Not a fit if you're primarily an app QA tester (we have that role separately), need the environments handed to you pre-built, or want an advisory/architecture engagement — this is hands-on-keyboard integration testing. To apply Skip the generic pitch. In under a page, tell us: An integration you've built or operated that broke in a way that only showed up against the real vendor system — what the gap was between "worked in staging" and "worked in production," and how you'd have caught it earlier. Which of the systems above you can stand up yourself, and roughly how fast. Strong applicants move to a short paid trial: stand up one integration (your choice from our stack) against a real sandbox, run the connect + go-live flow, and send us the findings. Two hours of real work tells us more than any interview.

  • Less than 30 hrs/week
    Hourly
  • < 1 month
    Duration
  • Entry level
    Experience Level
  • $10.00

    -

    $15.00

    Hourly
  • Remote Job
  • One-time project
    Project Type
Skills and Expertise
Mandatory skills
DevOps
Jenkins
Git
CI/CD
Activity on this job
  • Proposals:15 to 20
  • Last viewed by client:2 hours ago
  • Interviewing:
    7
  • Invites sent:
    12
  • Unanswered invites:
    5
About the client
Member since Mar 16, 2011
  • United States
    New York3:57 PM
  • $67K total spent
    53 hires, 6 active
  • 2,881 hours

Explore similar jobs on Upwork

Docker
DevOps
Linux System Administration
Amazon Web Services
DevOps
Docker
Kubernetes
CI/CD
CI/CD Platform
Linux System Administration
Containerization
Git
Database

How it works

  • Post a job icon
    Create your free profile
    Highlight your skills and experience, show your portfolio, and set your ideal pay rate.
  • Talent comes to you icon
    Work the way you want
    Apply for jobs, create easy-to-by projects, or access exclusive opportunities that come to you.
  • Payment simplified icon
    Get paid securely
    From contract to payment, we help you work safely and get paid securely.
Want to get started? Create a profile

About Upwork

  • Rating is 4.9 out of 5.
    4.9/5
    (Average rating of clients by professionals)
  • G2 2021
    #1 freelance platform
  • 49,000+
    Signed contract every week
  • $2.3B
    Freelancers earned on Upwork in 2020

Find the best freelance jobs

Growing your career is as easy as creating a free profile and finding work like this that fits your skills.

Trusted by

  • Microsoft Logo
  • Airbnb Logo
  • Bissell Logo
  • GoDaddy Logo