DevOps Engineer (Security) (REF3746I)

Company Description

The largest ICT employer in Hungary, Deutsche Telekom IT Solutions (formerly IT-Services Hungary, ITSH) is a subsidiary of the Deutsche Telekom Group. Established in 2006, the company provides a wide portfolio of IT and telecommunications services with more than 5000 employees. ITSH was awarded with the Best in Educational Cooperation prize by HIPA in 2019, acknowledged as one of the most attractive workplaces by PwC Hungary’s independent survey in 2021 and rewarded with the title of the Most Ethical Multinational Company in 2019. The company continuously develops its four sites in Budapest, Debrecen, Pécs and Szeged and is looking for skilled IT professionals to join its team.

Job Description

Department and Project 

This position is within the Tolling Services team of Deutsche Telekom IT Solutions Hungary. The team consists of IT professionals specializing in electronic road-charging solutions. Together with our partners, we develop and operate intelligent, kilometer-based tolling systems for international customers, covering the entire business process (vehicle registrations, country booking, providing On-Board Units, position data transmission, charge calculation, and fleet billing). Leveraging digital intelligence and advanced technology, our tolling solutions facilitate seamless mobility across Europe. The team aims to enhance existing services and expand into new domains. As part of an international team collaborating with T-Systems International, you will play a key role in supporting our customers with cutting-edge tolling solutions. 

Main tasks 

• HSM & PKI Management: Deploy, optimize, and automate HSMs and PKI systems, integrating them into CI/CD pipelines for secure cryptographic operations. Monitor and troubleshoot key management services for performance and security. 
• Infrastructure Automation: Use IaC tools like Terraform and Ansible to automate key, certificate, and infrastructure management tasks. 
• Access Systems: Deploy and maintain secure remote access solutions (RDP, Jumpservers) and optimize for scalability, reliability, and high availability. 
• Automation & Scripting: Develop scripts (PowerShell, Python) to automate deployment, monitoring, and configuration tasks. 
• Security & Compliance: Implement MFA, least privilege access, logging, and auditing. Conduct security assessments, vulnerability scans, and penetration tests to ensure compliance and mitigate risks. 
• Monitoring & Incident Response: Set up monitoring for access systems and infrastructure, proactively resolving issues and responding to incidents promptly. 
• Collaboration & Documentation: Work with teams to enhance access policies and integrate security into the SDLC. Maintain detailed documentation of configurations and procedures. 
• User Access Management: Streamline user provisioning/deprovisioning using Active Directory and identity management tools. 
• Cloud & On-Premises Infrastructure: Design and manage secure, resilient infrastructure, including firewalls, VPNs, load balancers, and IDS/IPS systems. 
• CI/CD Pipeline Security: Manage CI/CD pipelines with a focus on security, ensuring deployments meet strict standards. 
• Continuous Improvement: Stay updated on security threats and DevOps trends, implementing enhancements for efficiency and security. 
• On-Call Support: Provide on-call support for production environments, addressing security incidents and network issues promptly.

Qualifications

• Bachelor’s degree in Computer Science, Cybersecurity, or related field (or equivalent experience). 
• 3+ years of experience in a DevOps or network and security engineering role
• Experience with HSMs (e.g. AWS CloudHSM). 
  • Strong knowledge of security best practices, including encryption, identity and access management (IAM), and incident response. 
• Experience with PKI, OpenSSL, and certificate management tools (e.g., HashiCorp Vault). 
• Strong knowledge of Windows Server (2016, 2019, 2022) administration. 
• Proficiency in scripting and automation (Python, Bash, Terraform, Ansible). 
• Experience working with cloud platforms (AWS) and integrating key management solutions. 
  • Knowledge of CI/CD pipelines, containerization (Docker, Kubernetes), and Infrastructure as Code (IaC) methodologies. 

Advantage: 

• Experience working in SAFe environment. 
• German language knowledge 
• Experience with on-prem infrastructure
  • Strong troubleshooting, analytical, and communication skills.
  • Familiarity with security best practices, compliance standards, and regulatory frameworks.
  • Understanding of Zero Trust security models and remote access security best practices.
  • Familiarity with Active Directory (AD), Group Policies, and Identity & Access Management (IAM) solutions.

Additional Information

* Please be informed that our remote working possibility is only available within Hungary due to European taxation regulation.