Stellenbeschreibung
For our client we are looking for a Cloud System Engineering (f/m/d).
Key data:
Start: asap
End: 31.12.2026++
Capacity: fulltime
Location: Berlin, 95% remote
Tasks:
- Kubernetes Security:
Designing, implementing, and managing security best practices for Kubernetes clusters, including namespace isolation, network policies, role-based access control (RBAC), secrets management, and pod security standards.
- Stateful Services Protection:
Ensuring secure configuration and operating of stateful services such as Apache Kafka, CEPH/S3 object storage, and PostgreSQL databases. This includes encryption, access management, high availability setup, and continuous vulnerability assessment.
- Continuous Deployment Security:
Integrating security controls into GitOps workflows using ArgoCD and Helm charts. Champion secure image registries, verifying provenance of container images, and oversee automated policy checks during deployment.
- Observability and Monitoring:
Designing and enforcing security and data privacy standards in observability stacks. Leverage Prometheus, VictoriaMetrics, and OpenTelemetry to monitor system integrity, detect anomalies, and implementing actionable security alerting.
- Incident Response and Forensics:
Developing response plans and implement tools for rapid identification, analysis, and remediation of security incidents across cloud and container environments.
- Collaboration & Compliance:
Working closely with development, operations, and architecture teams to ensure security requirements are met during the full lifecycle of cloud-native applications. Supporting compliance initiatives and participating in audits as needed.
- Documentation and Best Practices:
Maintaining up-to-date security documentation for configurations, incident handling, and CI/CD pipelines. Conducting knowledge-sharing sessions and contribute to security standardization for the project.
Skills:
- At least 3 years of experience as a (Security) Cloud Engineer
- Very good knowledge and understanding of cloud platform concepts and the corresponding security concepts such as in Azure and other hyper scaler
- Hands-on in DevOps tools such as Azure DevOps, Basic ArgoCD workflows, CI/CD concepts, Git and Basic Scripting with a focus on IT-security
- Very good know-how in the deployment of cloud-native workloads with Helm (Package Manager)
- Very good knowledge of Kubernetes concepts, Kafka messaging, CEPH object storage, PostgreSQL databases and all security related topics in the area
- Implementing service and system hardening based on guidelines (e.g. CIS)
- Experience in security monitoring and security operation centers (SOC)
- Experience in troubleshooting and solving technical problems in the DevOps environment
- Fluency in written and spoken German and English is required