AWS Cloud Operations DevOps Engineer (Financial Services)

Were looking for an AWS Cloud Ops/DevOps Engineer to design secure and operate a multi-account AWS environment supporting regulated financial workloads. Youll automate infrastructure CI/CD observability and security controls across a stack that includes EC2 ECS/EKS RDS S3 CloudFront API Gateway CloudWatch WAF/Shield and more. You will building and maintaining the infrastructure that supports our 400k end customers and 5 product development teams as well as external suppliers - ensuring reliability cost efficiency and compliance in a highly regulated environment.
 

Core Responsibilities

Infrastructure & Platform:

• Manage Amazon EC2 ECS and EKS clusters for containerized workloads.
• Implement Elastic Load Balancing Amazon VPC and Route 53 for networking and traffic routing including secure VPC connectivity to RDS Redis/ElastiCache and other services.
• Operate Amazon RDS DynamoDB and ElastiCache for data services.
• Optimize Amazon S3 for storage and CloudFront for CDN delivery.
• Ensure uptime and availability of base infrastructure (firewalls load balancers) and application workloads.

Automation & IaC:

• Build reproducible infrastructure using AWS CloudFormation and Terraform/OpenTofu including reusable templates/modules to standardize App Runner and other service deployments across teams.
• Define and maintain CI/CD pipelines with AWS CodePipeline CodeBuild AWS CDK and GitHub Actions/GitLab CI enabling consistent delivery and compliance enforcement.
• Automate tagging encryption and policy enforcement to meet compliance/security requirements.

Observability & Reliability:

• Configure Amazon CloudWatch (metrics logs alarms) and X-Ray for tracing ensuring visibility across all workloads.
• Define and track SLIs/SLOs uptime targets and cost-per-user/session metrics to drive operational excellence.
• Establish alerting runbooks and escalation paths to ensure a stable and available service for end users.

Security & Compliance:

• Set up IAM roles permissions and guardrails to enforce least-privilege access.
• Enforce least-privilege with IAM Access Analyzer KMS and Secrets Manager.
• Implement AWS WAF Shield GuardDuty Security Hub and Config for security posture.
• Maintain audit readiness with AWS CloudTrail and compliance mapping (BaFin DORA).

Data & Integration:

• Support API Gateway for microservices and SQS/SNS for messaging.
• Manage Database Migration Service (DMS) for data migrations.
• Knowledge of AWS End User Messaging

Qualifications :

Required Skills

• Strong hands-on experience with EC2 ECS/EKS RDS S3 VPC Route 53 CloudFront.
• Proficiency in CloudFormation and Terraform for IaC.
• CI/CD with CodePipeline CodeBuild GitHub/GitLab.
• Observability: CloudWatch X-Ray log aggregation and operational metrics.
• Security: IAM KMS WAF Shield GuardDuty Security Hub Config and compliance policy enforcement.
• Scripting in Python/Bash and Linux administration.

Nice to Have

• Experience with OpenSearch Kinesis Redshift ElastiCache.
• Familiarity with AWS DevOps Guru Step Functions and Backup.
• Knowledge of BaFin cloud outsourcing and DORA compliance.

Zusätzliche Informationen :

Whats in it for you 

• Work-Life Balance: Flexible working hours extensive mobile office options
• Workation in European countries
• Training & Development: Participation in seminars and trainings attendance at conferences and conventions network of professional exchange partners
• Team Events: Regular rooftop barbecues company outings summer party Christmas party ice cream truck as well as regular internal team events supported by dedicated team budgets
• Health: Free fruit participation in the B2Run corporate run
• Additional Benefits: Company pension scheme capital-forming benefits public transport subsidy discounted employee parking and much more
• Dog-friendly workplace 

Remote Work :

Yes

Employment Type :

Full-time