Infrastructure Domain Architect Security (m/w/d) - Remote & Berlin

Beschreibung

Für unseren Kunden in Berlin suchen wir im Rahmen eines langfristigen Greenfield Projektes erfahrene Unterstützung als Infrastructure Domain Architect Security (m/w/d) . Die Tätigkeit erfolgt Remote und bis zu 50% pro Monat vor Ort in Berlin oder ggfs auch. Frankfurt oder München.

This is a senior architectural role; therefore the individual must have and at least 7 years working in the
specified technology area, and able to demonstrate this experience along-side demonstrating real world
experience of the entire life cycle of products and/or resources.
The individual should be able to clearly communicate with senior architects, peer architects, and the delivery
and engineering teams. They must be able to clearly expressing the architecture, ideas and the designs. They
must be able to document solutions in a professional readable manner including diagrams.
The architect must have excellent problem analysis and resolution competencies.
The individual must have the experience to think at a holistic level to ensure the work provided encompasses a
forward view to enable solutions to be built upon with minimal disruption upstream or downstream, therefore
understanding not just the core competency but surrounding aspects / technologies to ensure the architectures
fit into the overall strategy.
The architectures will be owned by the architect through the entire lifecycle therefore being fully responsible

Must Have Anforderungen:

- Thales HSM
- HashiCorp Vault (PKI, ACME)
- RedHat IPA/Certificate System (PKI, ACME)
- DigiCert PKI
- NG FW - Palo Alto, Fortinet
- Linux FW - UFW, firewalld
- Secure Client Access solutions (VPN) – PA, Fortinet, other …
- Zero Trust architectures (internal engineering/admins and customer access)
- IDS/IPS architectures – monitoring, detection and intervention through automated processes.
- Day0 monitoring/analysis/prevention (as per previous point)
- IAM / AAA solutions for internal administration individuals/systems and for customer access (remote
access), customer network/application access.
- IAM – HashiCorp Vault, RedHat IPA, freeRadius, …
- DNSSec
- Observability Solutions - Logging/Metrics - Loki, Grafana, Prometheus, ELK, …
- Network Routing Protocol Security
- Server endpoint security – immutable OS’s
- Linux Security
- Windows Security
- Packet Inspection Skills
- Fluent English in speech and writing (at least C1)

Ort: Remote und Berlin, Frankfurt oder München bis 50% onsite je nach Projektphase
Start : Mai
Laufzeit: Ende 2024 und Option geplant mit quartalsweiser Beauftragung

Wir freuen uns über Ihre Bewerbung unter https://www.percision.de/projekt/7855 inklusive Angabe des Stundensatzes und Ihrer Verfügbarkeit.

Freundliche Grüße

Sebastian Leja
Teamleiter

Fon
Mail
Web https://www.percision.de
percision services GmbH
Agrippinawerft 26 (2.Etage)
50678 Köln