GTM DevOps Engineer

At ClickUp, we're building the future of work: the first truly converged AI workspace unifying tasks, docs, chat, calendar, and enterprise search, all supercharged by context-driven AI. We are an AI-native company. Every team member is expected to leverage AI daily, and we evaluate AI fluency as part of our hiring process. Join us and help redefine what's possible. 🚀

We are looking for a GTM DevOps Engineer to join our Business Systems team and own the reliability, automation, and delivery infrastructure behind our Go-To-Market (GTM) technology stack. This role sits at the intersection of platform reliability and CI/CD engineering, ensuring that our critical business systems — including Salesforce, NetSuite, MuleSoft, Workato, and an expanding portfolio of AI-powered workloads — are deployed consistently, operate resiliently, and scale with the business.

You will partner closely with Business Systems developers, architects, and business stakeholders to build and maintain the pipelines, monitoring frameworks, and operational standards that keep our GTM systems healthy and our release cycles fast and predictable. As our team builds and deploys AI agents across GCP Cloud Run and AWS Bedrock AgentCore, you will serve as the infrastructure and deployment owner for these workloads — bringing engineering discipline to an environment where AI-generated code is increasingly entering production. This is a hands-on engineering role for someone who thrives in complexity, takes ownership of platform uptime, and brings a software engineering mindset to business application operations — directly supporting GTMSOE's broader mission of operational excellence across the GTM org.

• Design, build, and maintain CI/CD pipelines for Salesforce (SFDX/Salesforce CLI), NetSuite (SuiteScript/SuiteBundler), MuleSoft (Anypoint Platform), and Workato; establish branching strategies, environment promotion standards, and release gating processes across all GTM platforms.

• Extend CI/CD practices to cover AI agent workloads deployed on GCP Cloud Run and AWS Bedrock AgentCore — including containerized builds, deployment pipelines, and automated validation gates.

• Implement safe rollout patterns — including feature toggles, phased launches, automated validation, smoke tests, and rollback procedures — to reduce deployment risk on business-critical changes.

• Own SLA/SLO definitions for core GTM systems; standardize monitoring, alerting, and runbook patterns across quote-to-cash and GTM integrations, with proactive health checks and synthetic monitoring for critical flows (e.g., Salesforce ↔ NetSuite, Workato).

• Extend observability coverage to GCP Cloud Run workloads — Cloud Scheduler jobs, agent pipelines, and integration microservices — and AWS-hosted agent infrastructure.

• Conduct root cause analysis (RCA) for platform incidents and drive post-incident reviews with actionable remediation plans.

• Manage sandbox, staging, and production environment lifecycles across GTM platforms — including refresh cycles, data masking, environment segmentation, and promotion standards that balance speed with reliability.

• Own cloud infrastructure for Business Systems-operated workloads on GCP (Cloud Run, Cloud Scheduler, Cloud Secret Manager, GCS, Artifact Registry) and AWS (Lambda, S3, EventBridge, Secrets Manager, Bedrock AgentCore); apply IaC practices to make provisioning repeatable and auditable.

• Establish base image pinning, dependency vulnerability scanning, and supply chain security practices for containerized workloads — particularly AI-generated codebases deployed via tools like Cursor or Claude Code.

• Define and enforce patch management and container runtime ownership for vibe-coded and agentic workloads entering production.

• Establish and enforce a consistent secrets management standard across all Business Systems workloads — GCP Secret Manager, AWS Secrets Manager, and equivalent — eliminating credential exposure via environment variables, source code, or client-side contexts.

• Define and maintain API key rotation policies in alignment with security standards (high-severity keys: quarterly; vendor keys: annually at minimum).

• Partner with Security and IT on IAM scoping, least-privilege service accounts, VPC configuration, and public/private endpoint governance for Cloud Run and Bedrock deployments.

• Maintain a centralized registry of deployed workloads — GitHub repos, deployment URLs, architecture docs, data classification, and observability dashboard links — accessible to AppSec and infrastructure teams.

• Build internal tooling, automation scripts, and automated testing frameworks (unit, integration, regression) to reduce toil and increase deployment confidence; continuously evaluate new tooling to improve developer experience.

• Develop or enforce GitHub repository templates for Cloud Run deployments that cover security audits, deployment configuration, API integration, and MCP server patterns — serving as a reusable foundation for AI-assisted builds.

• Define where self-service deployment and administration are appropriate versus where stronger change control and operational guardrails are required; serve as the DevOps SME, enabling developers to operate with autonomy within those boundaries.

• Document and maintain operational runbooks, architecture decision records (ADRs), and deployment standards as living artifacts.

• Collaborate with IT, Data Engineering, Security, and business stakeholders on cross-functional initiatives that touch the GTM platform.

• 4+ years in a DevOps, Site Reliability Engineering (SRE), or Platform Engineering role

• 2+ years of hands-on experience deploying and managing Salesforce environments (SFDX, Salesforce CLI, scratch orgs, sandboxes, change sets, or pipeline-based deployments)

• Experience with at least one additional GTM/ERP platform, such as NetSuite, MuleSoft, or Workato, in an operational or deployment capacity

• Demonstrated experience building and maintaining CI/CD pipelines using tools such as GitHub Actions, GitLab CI, Jenkins, or Copado

• Hands-on experience with GCP services — Cloud Run, Cloud Scheduler, Cloud Secret Manager, Artifact Registry, GCS — in a deployment or operations context

• Experience with AWS services in an integration or operations context — Lambda, S3, SQS, Secrets Manager, CloudWatch; familiarity with Bedrock AgentCore or similar managed agent hosting infrastructure is a strong plus

• Experience managing containerized workloads, including image lifecycle, dependency scanning, and supply chain security practices

• Experience with incident management, on-call processes, and writing post-incident reviews

• Strong scripting skills in Python, Bash, or Node.js for automation and tooling

• Proficiency with Git, branching strategies, and version control best practices

• Understanding of API-based integration patterns (REST, SOAP, event-driven) as they apply to MuleSoft, Workato, or similar iPaaS tools

• Hands-on familiarity with secrets management across GCP Secret Manager and AWS Secrets Manager; strong grasp of security best practices in CI/CD contexts (least-privilege IAM, no hardcoded credentials, key rotation)

• Monitoring and observability tooling experience (Datadog, Splunk, Google Cloud Monitoring, CloudWatch, or similar)

• Infrastructure-as-code proficiency — Terraform or CloudFormation; experience applying IaC to Cloud Run or Lambda-based workloads preferred

• Familiarity with container security practices: base image pinning, vulnerability scanning (e.g., Artifact Registry, Trivy), and dependency management for AI-generated codebases

ClickUp is an Equal Opportunity Employer, and qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.

ClickUp collects and processes personal data in accordance with applicable data protection laws. You can find further details by viewing our Global Candidate Privacy Notice.

If you are a Philippine Job Applicant, please also see our Philippine Data Privacy Notice for further details.

Please note we are unable to sponsor or take over sponsorship of an employment visa for roles outside of engineering and product at this time. Sponsorship for engineering and product roles is not guaranteed, but is instead based on the business needs for that specific role at that time. Please reach out to the recruiter with any questions.

ClickUp Talent Acquisition will only initiate contact via an @clickup.com email or through our official careers portal on clickup.com. We will never request fees, payments, or sensitive personal information. Please disregard any offers received outside these channels and report them to support@clickup.com.

ClickUp may use artificial intelligence and machine learning technologies to help review and screen candidates' employment applications against role-related criteria. These tools support, but do not replace, human decision‑making. If you have questions or need an accommodation in the recruitment process, please contact us at AskPeople@ClickUp.com.