Job bei ioki:

DevOps Engineer – Security (m/f/d)

ioki is a complete service provider for digital forms of mobility on the road. We enable third parties, such as cities, transport companies or municipal authorities, to operate new types of mobility in public transport under their own name and design. To achieve that, we provide system components, such as the ioki platform and mobile apps, driver-based and autonomous vehicle concepts or mobility analytics, all of which can be put together flexibly and individually for our customers to build their own demand-responsive transport product.

We are looking for DevOps Engineers with a focus on security to join our Backend Engineering team, which builds the infrastructure and the platform that helps our customers launch and scale their mobility products. We are a team of six that is central to ioki’s product development and want to grow with our young infrastructure-as-code and backend codebases, which have seen a lot of production use already but are carefully maintained and free of technical debt.

We’re constantly challenging and improving the security of our systems. While we’re working towards the ISO27001 certification to ensure compliance with regulatory requirements, we’re committed to keeping agile processes and a lean mindset.

As a DevOps Engineer you’ll work closely within a team of  engineers as well as security- and data protection experts. You’ll be responsible to keep the modern infrastructure that powers the ioki platform secure and scalable.

As a member of the DevOps/ InfoSec Engineering team, you will:

  • Design and implement security guidelines and policies according to high technical standards as well as the requirements of ISO27001 and BSI Grundschutz
  • Deploy and automate a high availability infrastructure with Terraform, OpenStack and Saltstack
  • Maintain and keep our high availability instances running
  • Collaborate with other teams and software developers across ioki to deliver the most stable and secure product for customers and passengers
  • Uphold and improve DevOps and IT security standards, tooling and processes

What we’re looking for in you:

  • You enjoy and have experience in building, maintaining and securing modern cloud infrastructure
  • You can implement security policies (according to ISO27001/BSI Grundschutz) and document them properly in an ISMS (I-Doit)
  • You have knowledge in applied cryptography and security (cipher selection, protocol security, attack vectors, etc.)
  • You have an understanding of networking protocols (TCP/IP, UDP, VPN, ARP)
  • You enjoy deploying critical services in an high availability environment
  • You understand relevant legal sections of German law (DSGVO, BSDG-neu)
  • You want to contribute clean code to our infrastructure automation codebase
  • You have the ability and willingness to learn quickly and in a self-guided way. While we already have a DevOps toolset and programming languages we use, experience with them is not a hard requirement. Much more than that, we care that you have general operations and software development skills, high standards and take pride in your work.
  • You enjoy working with multiple people on the same codebase and tools, know what that takes and are open to sharing and improving our work together
  • You want to take responsibility of your work and build sustainable solutions that stand the test of time
  • You speak English fluently (Our company language is English)

We do not expect you to bring all of these qualities with you. It’s fine to have more experience and expertise in one area, while missing something in another.

In a typical week you might:

  • Spin up a new database by using SaltStack and Terraform
  • Create and integrate new monitoring solutions that work with our existing Prometheus and Grafana stack and allow us to stay on top of what’s happening in our infrastructure
  • Review our TLS cipher selection for best compatibility and security
  • Implement an ISO27001 conform process to introduce a new technology and add it to our Information Security Management System (ISMS)
  • Improve the HA-setup so that we can easily scale our infrastructure according to the increasing demands of our platform
  • Research and plan our multi-office network in accordance with regulatory requirements

Our technology

We use OpenStack, Terraform, SaltStack, Prometheus, Grafana to build and maintain our infrastructure on which the platforms runs. The platform itself is built with Ruby and Ruby on Rails, both in up-to-date versions. Our favorite database is PostgreSQL, which we use together with PostGIS, and run in a HA-setup. The platform and its applications are deployed with our custom deployment to our Docker Swarm cluster. Other tools we use are HAProxy, OpenVPN, PowerDNS and Graylog. Our ISMS is I-Doit.

How we work in the Backend Engineering team

ioki is a product company that places high value on crafting quality software. In our technology teams our mission is to create real world value and to have fun doing it.

We’re practicing modern software development in a casual environment. We value clean code, automated tests, refactoring, TDD in the sense of test-driven-design and in the sense of test-driven-development, continuous integration, shipping early and shipping often. Other modern best practices like version control go without saying.

We believe that in order to build high quality software, we need the best tools possible. Our IT governance allows us to use what we think helps us best to achieve our goal of creating a great product.

We’re constantly trying to get better at what we do, sharpen our tools, and learn to get better at developing the best possible software. We support each other in our work and our individual paths.

Software development for us is a collaborative process that can only succeed in an atmosphere in which we can experiment, fail and learn, and help each other get better at what we do.

Code is not owned by a single person, but by the whole team. We use pull requests and extensive, respectful and friendly code reviews to ensure that the code we ship measures up to our own standards.

We host and visit multiple user groups and conferences. Because we know how important it is to always seek better ways to develop software, each employee at ioki has a budget they can use for learning and self-improvement, whether that means visiting a conference or video courses.

Building software is our craft. We take pride in our work. We have a happy and easy-going atmosphere in which we can passionately discuss tools, editors, keyboards and programming languages, always with a wink and a smile.

As a part of Deutsche Bahn ioki has a rich heritage and is still as autonomous as possible. The result is that ioki employees enjoy the benefits of a huge corporation, but have the freedom to take on the challenges that face a fast-growing startup in their own way.

Sende uns deine vollständigen Bewerbungsunterlagen an​

Unsere Vision:

Menschen verbinden und ihnen Lebensraum und Lebensqualität zurückgeben.

Unsere Mission:

Flexible und individuelle Mobilität ohne eigenes Auto erschaffen, die für jeden verfügbar ist.