Role Description Für einen Kunden aus dem öffentlichen Sektor suchen wir derzeit einen Senior DevOps Engineer (m/w/d). Für diese Position können wir ca. 85,00 € / Stunde für remote und vor Ort anbieten. - Leistungszeitraum: asap bis 30.07.2028 - Leistungsumfang: ca. 3.200 Stunden, optional +50 % - Leistungsort: ca. 95 % remote (Deutschland), ca. 5% Düsseldorf oder Bonn Qualifications - Berufserfahrung: mindestens 5 Jahre - Sprache: Deutsch C2 (Wort und Schrift) Requirements - Agile Arbeitsweise (Scrum/Kanban, Definition of Ready/Done, Akzeptanzkriterien) – 3 Jahre - Benutzung von Git (Branching Modelle, Merge/Rebase, Reset, Fetch/Pull) – 3 Jahre - Build Automatisierung Allgemein (CI Pipelines, Build Jobs, Staging vs. Production Builds, GitLab CI, Bash/Python) – 3 Jahre - Softwarequalität (Code Review, Clean Code, SOLID, statische Code Analyse, Linter) – 3 Jahre - Kenntnisse von Software Architektur (3-Tier Architecture, Hexagonale/Clean Architecture, Design Patterns) – 3 Jahre - Nutzung von Webstandards und Protokollen (HTTP REST, Authentifizierung TLS, OIDC) – 3 Jahre - Implementierung von IT-Sicherheit von Apps / Privacy-by-Design (CORS, OWASP MASVS & ASVS, CSP, Dependency Handling, CVE Handling, BSI IT Grundschutz) – 1 Jahr - Erfahrung mit Container Technologien (Imagedefinitionen, Container Registries, Buildautomatisierung, Entwicklung mit Containern) – 3 Jahre - Erfahrung mit GitLab (GitLab CI, Container Images im Buildprozess, Deployment von Backendsystemen über die CI) – 3 Jahre - Erfahrung in der Linux System Administration (Account Management, vi Editor, Netzwerkverkehr analysieren, Backup/Restore, Hardware Setup, Troubleshooting, Monitoring) – 5 Jahre - Erfahrung mit Containertechnologien – Advanced (Betrieb von Containern, Build von Container-Images, Kubernetes, Observability mit Prometheus/OpenTelemetry) – 5 Jahre - Erstellung von Buildscripten und -tools (Bash, Python) – 5 Jahre - Erfahrung im Aufbau von Backendsystemen (SQL-Datenbanken, Reverse Proxy, Proxy, Webserver) – 5 Jahre - GitOps mit ArgoCD/Crossplane (Konfigurieren & Administrieren, App of Apps Pattern/ApplicationSets, Variablen und Templates, Fehlerbehandlung) – 5 Jahre - Erfahrung in der Administration/Nutzung von MacOS (Grundsätzliche Bedienung, Brew) – 1 Jahr Benefits - Flexible Arbeitszeiten - Remote-Arbeit - Wettbewerbsfähige Vergütung

• Manages and integrates DevSecOps practices across DevOps Engineering, Release Management, and Security operations • Acts as a key manager and technical liaison, bridging internal teams and IT stakeholders • Ensures that software-delivery pipelines are aligned with technical standards and federal security frameworks • Plays an active role in implementation and problem-solving • Guides integration of infrastructure and drives project delivery • Communicates clearly with leadership and monitors delivery and release metrics.

• Build and maintain cloud native infrastructure architectures that are secure, NIST 800-53 compliant, resilient and optimized for performance • Assess architectures and designs for security vulnerabilities and suggest and implement proper alternatives • Come up with customized tools for security purposes in DevOps. • The professionals should be well-versed in at least one of the programming languages like Java, PHP, Python, Ruby, and Perl to collaborate competently with other teams within the organization • Possess deep and hands-on knowledge of AWS or Azure, Docker, Kubernetes, and how to implement developer tools such as GitHub and Dependency management • Use configuration management tools (Terraform, Ansible, Docker & Multipass) to deploy cloud infrastructure, platform stack, HTTP/TLS security, and compliance assets • Automate routine tasks to provide scalability to operations • Create and oversee automated release operations as well as the advancement of desired state automated CI-CD Pipelines using Jenkins, Spinnaker and other relevant CI-CD tools • Create CI/CD pipelines as code (PaCs) • Deploy infrastructure on cloud platforms by writing IaCs and other relevant manifests and scripts

• Designing, implementing, and maintaining the DevSecOps toolchain that supports the Salesforce-based MESH platform and its integrations across AWS, Microsoft 365, T-MSIS, MBES/MacFin, and CMS DataConnect • Building and operating CI/CD pipelines using GitHub Actions and Copado that automate build, test, security scanning, deployment, and rollback for both Salesforce and AWS-hosted components • Managing AWS cloud infrastructure using infrastructure-as-code (Terraform, AWS CloudFormation) and configuration management tools (Ansible), in alignment with CMS Cloud governance and FedRAMP Moderate baselines • Implementing observability across the platform using tools such as Splunk, AWS CloudWatch, New Relic, or Dynatrace; building dashboards and alerts for system health, latency, throughput, error rates, and capacity (median, 95th, and 98th percentile) • Automating day-to-day operational tasks (provisioning, patching, configuration, user/access management) using Python, Bash, PowerShell, and AWS APIs to reduce toil and improve repeatability • Partnering with the security team to integrate security gates (SAST, DAST, SCA, container scanning) into pipelines and to remediate vulnerabilities within CMS-defined timeframes • Supporting incident, change, and problem management as part of an integrated Agile delivery team; contributing to root-cause analyses and preventive actions • Maintaining hardened, monitored environments for development, testing, UAT, staging, and production with minimum-downtime deployment strategies and tested rollback procedures • Implementing data backup, retention, and disaster-recovery solutions for both Salesforce and AWS-hosted assets, validated through scheduled restoration tests • Managing user access, secrets, and certificates across CMS IDM/Okta, EUA, AWS IAM, GitHub, and Copado in accordance with least-privilege and zero-trust principles • Documenting architecture, runbooks, deployment procedures, and operational standards in CMS-approved tools (Confluence, Box, GitHub) and ensuring transparency for CMS Product Owners • Coordinating with the CMS Cloud contractor to optimize cloud resource utilization, cost, and adherence to CMS Cloud governance processes • Mentoring engineers on DevSecOps best practices, automation-first design, and continuous-improvement metrics tied to deployment frequency and reliability