DevOps / Security Engineer
Role details
Job location
Tech stack
Job description
Securing and scaling the digital infrastructure for plant resilience research. CropXR is a Dutch public-private research initiative focused on climate-resilient agriculture. Within CropXR, the Resilience Hub provides a central digital infrastructure for integrating and analysing experimental, phenotypic, and genomic, data from a broad range of academic and industrial research partners. The Resilience Hub is built at TU Delft in collaboration with SURF, the Dutch national research and education network, which provides cloud infrastructure, storage, and associated digital services for the academic and research community. To strengthen the technical foundation of the Resilience Hub, we are looking for a DevOps / Security Engineer who will help design, operate, and secure the platform infrastructure. The role focuses on ensuring that the system is reliable, scalable, and secure, while aligning with best practices for research data platforms.
This position is part of the engineering team supporting CropXR's data infrastructure.
You will:
- Design, implement, and maintain the infrastructure supporting the Resilience Hub, primarily using services provided locally and through SURF.
- Develop and improve CI/CD pipelines for reliable deployment of services.
- Ensure security-by-design across infrastructure and services.
- Manage and improve identity and access management (IAM), authentication, and authorization systems.
- Work with SURF-provided services for compute, storage, networking, and platform integration, ensuring optimal use of the available research infrastructure.
- Monitor system performance, reliability, and security, and implement alerting and incident response procedures.
- Contribute to architectural decisions around scalability, cost efficiency, and maintainability.
Requirements
Do you have a Bachelor's degree?, We are looking for candidates with:
- Experience in DevOps, platform engineering, or infrastructure engineering roles.
- Strong understanding of cloud-native architectures and containerized systems.
- Hands-on experience with tools such as Kubernetes, container, and CI/CD systems.
- Security experience in Python environments
- Experience implementing or maintaining security controls, including network security, secrets management, and access control.
- Familiarity with identity and access management (IAM) systems and secure service-to-service communication.
- Solid programming or scripting skills.
- Experience with monitoring, logging, and observability systems.
We would particularly value experience with:
- Experience working with or in collaboration with SURF cloud and other services.
- Security practices in research, academic, or data-intensive environments.
- Operating systems handling sensitive or large-scale scientific data.
- Infrastructure supporting data platforms, scientific computing, or ML workflows.
- Incident response, vulnerability management, and security auditing.
- Working in interdisciplinary environments involving both researchers and engineers.
Applicants who do not meet every requirement but have relevant infrastructure and security engineering experience are encouraged to apply. Please note: due to Dutch regulations, only candidates from EU countries or those with a valid Dutch work permit are eligible for this position.
Benefits & conditions
Pulled from the full job description
- Professional development assistance
- Pension plan, * Duration of contract is 2 years Temporary
- A job of 38-40 hours per week.
- A salary based on Scale 10 of the CAO for Dutch Universities with a salary between €3546 - €5538 gross per month based on a fulltime contract (38 hours), plus 8% holiday allowance and an end-of-year bonus of 8.3%.
- An excellent pension scheme via the ABP.
- The possibility to compile an individual employment package every year.
- Discount with health insurers on supplemental packages.
- Flexible working week.
- Every year, 232 leave hours (at 38 hours). You can also sell or buy additional leave hours via the individual choice budget.
- Plenty of opportunities for education, training and courses.
- Partially paid parental leave
- Attention for working healthy and energetically with the vitality program.