AWS Cloud Operations DevOps Engineer (Financial Services)

We’re looking for an AWS Cloud Ops / DevOps Engineer to design, secure and operate a multi-account AWS environment supporting regulated financial workloads. You’ll automate infrastructure CI/CD, observability and security controls across a stack that includes EC2 ECS / EKS, RDS, S3, CloudFront, API Gateway, CloudWatch, WAF / Shield, and more. You will build and maintain the infrastructure that supports our 400k end customers and 5 product development teams as well as external suppliers - ensuring reliability, cost efficiency and compliance in a highly regulated environment.

• Manage Amazon EC2, ECS and EKS clusters for containerized workloads.
• Implement Elastic Load Balancing, Amazon VPC and Route 53 for networking and traffic routing including secure VPC connectivity to RDS, Redis / ElastiCache and other services.
• Operate Amazon RDS, DynamoDB and ElastiCache for data services.
• Optimize Amazon S3 for storage and CloudFront for CDN delivery.
• Ensure uptime and availability of base infrastructure (firewalls, load balancers) and application workloads.

• Build reproducible infrastructure using AWS CloudFormation and Terraform / OpenTofu, including reusable templates / modules to standardize App Runner and other service deployments across teams.
• Define and maintain CI/CD pipelines with AWS CodePipeline, CodeBuild, AWS CDK and GitHub Actions / GitLab CI enabling consistent delivery and compliance enforcement.
• Automate tagging, encryption and policy enforcement to meet compliance / security requirements.

• Configure Amazon CloudWatch (metrics, logs, alarms) and X‑Ray for tracing, ensuring visibility across all workloads.
• Define and track SLIs / SLOs, uptime targets and cost‑per‑user / session metrics to drive operational excellence.
• Establish alerting runbooks and escalation paths to ensure a stable and available service for end users.

• Set up IAM roles, permissions and guardrails to enforce least‑privilege access.
• Enforce least‑privilege with IAM Access Analyzer, KMS and Secrets Manager.
• Implement AWS WAF, Shield, GuardDuty, Security Hub and Config for security posture.
• Maintain audit readiness with AWS CloudTrail and compliance mapping (BaFin, DORA).

• Support API Gateway for microservices and SQS / SNS for messaging.
• Manage Database Migration Service (DMS) for data migrations.
• Knowledge of AWS End User Messaging.

• Strong hands‑on experience with EC2, ECS / EKS, RDS, S3, VPC, Route 53, CloudFront.
• Proficiency in CloudFormation and Terraform for IaC.
• CI/CD with CodePipeline, CodeBuild, GitHub / GitLab.
• Observability: CloudWatch, X‑Ray and log aggregation operational metrics.
• Security: IAM, KMS, WAF/Shield, GuardDuty, Security Hub, Config and compliance policy enforcement.
• Scripting in Python / Bash and Linux administration.

• Experience with OpenSearch, Kinesis, Redshift, ElastiCache.
• Familiarity with AWS DevOps Guru, Step Functions and Backup.
• Knowledge of BaFin cloud outsourcing and DORA compliance.

• Work‑Life Balance: Flexible working hours and extensive mobile office options.
• Workation in European countries.
• Training & Development: Participation in seminars and trainings, attendance at conferences and conventions, network of professional exchange partners.
• Team Events: Regular rooftop barbecues, company outings, summer party, Christmas party, ice cream truck, as well as regular internal team events supported by dedicated team budgets.
• Health: Free fruit participation in the B2Run corporate run.
• Additional Benefits: Company pension scheme, capital‑forming benefits, public transport subsidy, discounted employee parking and much more.
• Dog‑friendly workplace.

Remote Work: Yes

Employment Type: Full‑time