For our client we are looking for a Cloud System Engineering (f/m/d).

 

Key data:

Start: asap

End: 31.12.2026++

Capacity: fulltime

Location: Berlin, 95% remote

 

Tasks:

- Kubernetes Security:

Designing, implementing, and managing security best practices for Kubernetes clusters, including namespace isolation, network policies, role-based access control (RBAC), secrets management, and pod security standards.

- Stateful Services Protection:

Ensuring secure configuration and operating of stateful services such as Apache Kafka, CEPH/S3 object storage, and PostgreSQL databases. This includes encryption, access management, high availability setup, and continuous vulnerability assessment.

- Continuous Deployment Security:

Integrating security controls into GitOps workflows using ArgoCD and Helm charts. Champion secure image registries, verifying provenance of container images, and oversee automated policy checks during deployment.

- Observability and Monitoring:

Designing and enforcing security and data privacy standards in observability stacks. Leverage Prometheus, VictoriaMetrics, and OpenTelemetry to monitor system integrity, detect anomalies, and implementing actionable security alerting.

- Incident Response and Forensics:

Developing response plans and implement tools for rapid identification, analysis, and remediation of security incidents across cloud and container environments.

- Collaboration & Compliance:

Working closely with development, operations, and architecture teams to ensure security requirements are met during the full lifecycle of cloud-native applications. Supporting compliance initiatives and participating in audits as needed.

- Documentation and Best Practices:

Maintaining up-to-date security documentation for configurations, incident handling, and CI/CD pipelines. Conducting knowledge-sharing sessions and contribute to security standardization for the project.

 

Skills:

- At least 3 years of experience as a (Security) Cloud Engineer

- Very good knowledge and understanding of cloud platform concepts and the corresponding security concepts such as in Azure and other hyper scaler

- Hands-on in DevOps tools such as Azure DevOps, Basic ArgoCD workflows, CI/CD concepts, Git and Basic Scripting with a focus on IT-security

- Very good know-how in the deployment of cloud-native workloads with Helm (Package Manager)

- Very good knowledge of Kubernetes concepts, Kafka messaging, CEPH object storage, PostgreSQL databases and all security related topics in the area

- Implementing service and system hardening based on guidelines (e.g. CIS)

- Experience in security monitoring and security operation centers (SOC)

- Experience in troubleshooting and solving technical problems in the DevOps environment

- Fluency in written and spoken German and English is required