We are looking for a Cloud Security Engineer who, following DevSecOps principles, will be responsible for the security of our cloud-based infrastructure and CI/CD processes. Your mission will be to proactively identify security gaps, implement security controls, and harden our Kubernetes environment.
We are a middle-sized software development outsourcing company working primarily with enterprise-level clients from Austria, Sweden, the UK, the USA, Belgium, Cyprus, Israel, Bulgaria and others.
Daily Responsibilities * Kubernetes Cluster Security: Implementing and managing security policies using Kyverno and Gatekeeper to secure the cluster. * Secret Management: Ensuring the secure storage and access of secrets using Azure Key Vault and the AKV2K8S integration. * Identity & Access Management: Configuring and maintaining Role-Based Access Control (RBAC) systems with Keycloak. * Security Scanning: Automatically detecting vulnerabilities during the build process by integrating Trivy into GitLab pipelines. * Network Security: Filtering network traffic and managing network policies with Ciliumand Traefik. * Image Signing: Implementing and managing the container image signing process to secure the software supply chain. * Security Monitoring: Monitoring for security events and anomalies and managing alerts using the Prometheus, Loki, and Alertmanager stack. * Continuous Updates: Managing the automated update of dependencies and system components using Renovate.
Must-Have Requirements * More than 5+ years of relevant experience in a DevOps role. * In-depth understanding of cloud and Kubernetes security principles and best practices. * Hands-on experience with Kubernetes security tools (Kyverno, Gatekeeper, Cilium). * Strong proficiency in Secret Management solutions (Azure Key Vault). * Experience integrating vulnerability scanning tools (Trivy) into CI/CD environments. * Solid knowledge of Identity and Access Management (IAM, RBAC) and authentication protocols (Keycloak). * Familiarity with Infrastructure as Code (Terraform) and GitOps (ArgoCD) from a security perspective.
Nice-to-Have Skills * Broader DevOps experience in managing production environments. * Deep knowledge of the full Prometheus monitoring stack (Loki, Alertmanager, etc.). * Relevant security certifications (e.g., CKS, AZ-500). * Proficiency in scripting languages (e.g., Python, Bash) for automation tasks. * German language knowledge
What we offer:
Work from Anywhere: The flexibility to work remotely or from our office, depending on what suits you best.
Work-Life Balance: We support your well-being with paid vacation and sick leave to ensure you have the time you need to recharge. Enjoy a flexible schedule that fits your lifestyle.
Full Accounting Support: We handle all administrative details, including tax coverage and comprehensive accounting support.
Competitive Compensation: Competitive compensation that reflects your experience and skills.
Friendly Team & Cozy Environment: Join a supportive, collaborative team. We also offer thoughtful gifts and organize engaging corporate events.
No Bureaucracy, No Micromanagement: A workplace with minimal bureaucracy and no micromanagement. Embrace the freedom to innovate and excel in an environment where everyone feels valued and heard.
