* You have a 'You Build It - You Run It!' mindset and take responsibility for the operation of the services and solutions you develop.
* You have several years of experience in operating Linux servers and Kubernetes clusters.
* You have several years of experience in software development (ideally Go), and ideally, you have already developed Kubernetes Operators.
* You have a strong awareness of security aspects, and you enjoy challenging existing security concepts and designing and implementing architectures.
* You have extensive experience with authentication (OIDC, SAML) and authorization (RBAC, ReBAC) protocols, as well as hardening in the Kubernetes and Linux (AppArmor, SELinux, Seccomp, eBPF) context.
Introduction text
Schwarz Digits creates the technological foundation for digital sovereignty in Europe. As the IT and digital division of the Schwarz Group, we develop and manage the IT infrastructures for the retail divisions Lidl and Kaufland, as well as Schwarz Production and PreZero. At the same time, we operate as an independent provider in the external market to support companies across Europe in their digital transformation. We bundle our core services in the areas of Cloud, Cyber Security, Data & AI, Communication, and Workspace.
Join us and contribute to digital sovereignty in Europe. With us, you will work at the intersection of agility and security: You will benefit from fast decision-making processes, enjoy genuine creative freedom in your projects, and be able to build upon the stable foundation of the Schwarz Group.
Your tasks
* Together with your SKE Security Crew, you drive the development and implementation of new security-relevant features for the STACKIT Kubernetes Engine (SKE).
* You develop comprehensive security policies for Kubernetes clusters, including RBAC, Admission Controllers, Network Policies, and Policy-as-Code solutions like Kyverno.
* You implement security measures such as Pod Security Standards, Image Scanning, Audit Logging, and Runtime Security Monitoring with Falco.
* You act as an interface to the Cyber Security Team to implement security-relevant requirements.
* You automate and implement processes to ensure security compliance, such as regular security audits and vulnerability scans.