The Public Cloud Product Unit operates on a national and international level, for medium-sized and large companies. With the new Managed Services Public Cloud, we develop, market and operate agile, cloud-native, forward-looking products and services for the digital world. We see ourselves as innovation drivers and make our customers' business fit for the digital future. Our mission: To be successful in tomorrow, we need to think now about the day after tomorrow - and always together with our customers.
In the Open Telekom Cloud Delivery, we have broken new ground and created an environment in which a completely new type of product based on open source community software is driven forward with the procedures and principles of a community approach. Lean structures, agile and innovative methods and procedures as well as an extremely innovation-driven environment determine our actions.
With this dynamic and agile orientation, we are the anchor point for the Public Cloud business area in the Deutsche Telekom Group.
We are measured by the delivery of innovative solutions from our platforms and we are consistently focused on this goal. Together with our platform partner and other partners from the OpenStack Ecosystem, we are working sustainably on the further development of the platform. Security and quality aspects are incorporated into the development right from the start in order to create a highly innovative and attractive public cloud product based on German and European security and data protection standards.
We are looking for you to join our team: people who are professionals and evangelists with a great deal of enthusiasm for technology and who will master this challenge together with us.
Would you like to work in international Scrum development teams from different cultures?
Do you like flat hierarchies, and do you have an independent working style?
Do you like varied challenges in dynamic agile teams?
Then you are the right person for us.
As "Senior Engineer Audit and Compliance Public Cloud" you understand the latest developments in the field of Security & Cloud. You will be responsible for the technical project management for the implementation of secure IT solutions and the maintenance of compliance requirements such as ISO 27001, BSI C5, PCI DSS, SOC 2 or the IT Security Act.
The following tasks belong to this:
- You will work together with specialists from our team and other Deutsche Telekom teams on the technology topics of public cloud, open source and security.
- You will ensure the efficient and successful execution of external audits (e.g. ISO 27001, BSI C5, PCI-DSS, SOC2, IT security law), especially because you already have experience in mapping the controls of different audit catalogues.
- You advise and support projects of internal departments and internal IT in all aspects of information and IT security.
- You actively participate in the implementation of an information security management system.
- You will initiate information and IT security measures and monitor their effectiveness.
- As a competent contact person, you will support the identification and assessment of security risks.
- In case of information security incidents, you will analyze them and derive recommendations for action.
Elvárások / Requirements
- Degree in business informatics, computer science, mathematics, a technical, engineering or natural science subject or a comparable vocational training with many years of professional experience
- In-depth knowledge and experience in responsible implementation of successful certifications of SOC2 and PCI-DSS.
- Many years of experience in mapping and implementation of requirements catalogs for ISO 27001, BSI C5, PCI-DSS and SOC2 or comparable.
- Experience in the development of solutions for fulfilling requirement catalogues.
- Detailed knowledge of software security concepts.
- Good knowledge of secure scale-out cloud applications and the necessary technological building blocks and tools (e.g. PaaS frameworks with CloudFoundry/OpenShift/Docker).
- Knowledge of automation, e.g. Ansible.
- Good knowledge of system technologies (Linux, Xen/KVM, Linux network and storage, system tools) as well as OpenStack and Docker/LXC/LXD container technologies.
- Fluent English, both written and spoken