Job
- Level
- Experienced
- Job Field
- IT, DevOps
- Employment Type
- Full Time
- Contract Type
- Temporary employment
- Location
- Leipzig
- Working Model
- Hybrid, Onsite
Job Summary
In this role, you will build modular Terraform stacks for Azure and AWS, maintain CI/CD pipelines, implement security standards, and manage cloud service optimizations and governance structures.
Job Technologies
Your role in the team
- Development and maintenance of modular Terraform stacks (Modules/Providers) for Azure/AWS Landing Zones, networking, security, Kubernetes, and platform services.
- CI/CD pipelines for validation (linting, policy checks), drift detection, and automated rollouts (plan/apply where appropriate).
- Quality standards (version/state management, "immutable" patterns, testability, docs-as-code).
- Provision of self-service catalogs (Terraform + GitLab CI), including clear guardrails and tiered approval processes.
- Enablement for "You build it, you run it!", including templates, best practices, and onboarding materials.
- Multi-Account/Subscription Governance Structuring of Azure Subscriptions including SCPs, policies, cost/responsibility allocation.
- Create a landing zone concept with separation of Dev/Stage/Prod, Least Privilege & Segregation of Duties.
- Continuous logs/traces/metrics (e.g., OpenSearch, OpenTelemetry, Prometheus/Grafana).
- Alerting (Alertmanager/Opsgenie) with meaningful thresholds, runbooks, and SLO/SLA definitions (e.g., Pyrra).
- Transparency about costs & cost drivers (e.g., OpenCost for Kubernetes), tagging/allocation. Forecasting, budgets & optimization (rightsizing, RI/Savings Plans, scaling policies).
- Reporting & Recommendations for Teams ("Showback/Chargeback" where appropriate).
- Policy-as-Code (e.g., Kyverno for K8s), hardening and encryption (KMS).
- Logging/Revision (CloudTrail), auditability along defined controls (e.g., ISO 27001-like baselines). Secrets management, vulnerability management, change controls, and emergency processes.
- Backups for S3 and relevant cloud services, cross-region strategies.
- Documented RTO/RPO, regular restore tests (e.g., Velero for K8s).
- BCDR runbooks & exercises with teams.
- Technical documentation: runbooks, playbooks, ADRs, diagrams, and operational processes.
- Training/Enablement for teams, clear handover points (Definition of Ready/Done), process discipline.
This text has been machine translated. Show original
Our expectations of you
Qualifications
- Solid knowledge of Kubernetes (AKS/EKS) including networking/Ingress, Helm/Deployments.
- Practical experience in Observability (Prometheus/Grafana, OpenTelemetry, Alerting) and runbook-driven operations.
- Proficient in Identity & Access Management (IAM/RBAC), Tagging/Guardrails, and Landing Zone Patterns.
- FinOps fundamentals (cost analysis, forecasting, rightsizing).
- Scripting (e.g., Bash/Python), Git-based workflow, Infrastructure- & Docs-as-Code.
- Very good knowledge of German.
- Willingness to be on-call within a structured framework.
- Ideally certifications (Terraform, AWS/Azure, CKA/CKAD, FinOps).
Experience
- At least 3 years of experience in Cloud Operations (AWS/Azure) with Terraform & CI/CD (e.g., GitLab CI).
- Experience with Security & Compliance in regulated environments (e.g., NIS2/KRITIS, ISO 27001-related controls).
- Ideally, experience with Argo CD/Flux, HashiCorp stack (Vault, Packer).
- Ideally, KRITIS experience in the energy sector and audit preparation.
This text has been machine translated. Show original
Benefits
Work-Life-Integration
More net
Health, Fitness & Fun
Food & Drink
Topics that you deal with on the job
Job Locations
This is your employer
Senec Gmbh
Since 2009, SENEC GmbH has been developing and producing intelligent energy storage systems and storage-based energy solutions in Leipzig. With its license to directly market electricity, the company offers its customers maximum independence from external power suppliers.
Description
- Company Type
- Established Company
- Working Model
- Hybrid, Onsite
- Industry
- Power Sector, Economy
