




Job Summary: Design, implement, and maintain infrastructure-as-code on AWS; manage EKS clusters; build secure CI/CD pipelines; serve as a technical reference.

Key Highlights:

1. Design and provisioning of infrastructure-as-code (IaC) on AWS
2. Management of Amazon EKS and Kubernetes clusters
3. Design and implementation of CI/CD pipelines with AWS

Profile Description:

Infrastructure-as-Code (IaC) Design and Provisioning: Design, implement, and maintain project infrastructure on AWS using Terraform, covering dev, staging, and prod environments—including EKS, Aurora PostgreSQL, MSK Kafka, ElastiCache Redis, S3, API Gateway, CloudFront, WAF, KMS, Cognito, ECR, and IAM policies adhering to the principle of least privilege. All IaC code must be versioned in Git, modularized by service, and executed from the CI/CD pipeline.

Amazon EKS and Kubernetes Cluster Management: Provision and administer the EKS cluster—including node groups, namespaces, RBAC, network policies, and auto-scaling resources (HPA). Define and maintain Kubernetes manifests for PIV microservices—Deployments, Services, ConfigMaps, Secrets integrated with AWS Secrets Manager, liveness/readiness probes, and resource limits aligned with SLA requirements.

CI/CD Pipeline Design and Implementation: Build and operate continuous integration and deployment pipelines using AWS CodePipeline and CodeBuild—including linting, building, executing unit tests, building Docker images, pushing to ECR, and deploying to EKS. Implement Blue/Green deployments with automatic rollback upon post-deployment failures.

Infrastructure Security and Compliance: Design and implement AWS security architecture aligned with regulatory requirements—including encryption via KMS, certificate management via ACM, WAF configuration, AWS Shield, and CloudTrail with log retention in S3. Ensure production resources are not directly exposed to the internet.

Network Configuration and Connectivity: Design VPC network topology—including public and private subnets, route tables, security groups, and private connectivity between services. Configure DNS and portal distribution via CloudFront and Route 53.

Observability and Monitoring: Implement observability strategy using CloudWatch logs, metrics, and alarms; AWS X-Ray for distributed tracing; and Prometheus/Grafana on EKS for operational metrics. Configure alerts for errors, latency, and availability.

Secrets Management: Implement centralized secrets management using AWS Secrets Manager—including automatic credential rotation—and ensure no sensitive information is exposed in code or configurations.

Technical Reference: Serve as the infrastructure reference for the development team—supporting Kubernetes service configuration, resolving technical blockers, documenting architectural decisions, and participating in sprint planning alongside the team.

As an IT consulting and software development partner, we specialize in digital transformation for clients in finance, insurance, and industrial sectors. Our approximately 700 talents in Germany develop sustainable solutions using cutting-edge technologies.

**Five Reasons to Join #TeamGFT**
----------------------------------------------

* **Flexibility:** Balance is everything here! We offer an environment that supports flexible hours and remote work.
* **Collaboration:** Collaboration is fundamental. We work in multidisciplinary teams where each person contributes their unique skills.
* **Multiculturalism:** We have a diverse global team that fosters an atmosphere of learning and personal growth.
* **Development:** We provide personalized career paths and training programs to unlock your potential.
* **Relevance:** We collaborate with industry-leading clients on high-impact projects that shape the technological future.


