Domain Architect - Ansible, Terraform, GITHub

HCLTech
Amsterdam, Netherlands
yesterday

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate

Job location

Amsterdam, Netherlands

Tech stack

Amazon Web Services (AWS)
Amazon Web Services (AWS)
Apache HTTP Server
Azure
Software as a Service
Cloud Computing
Control Objectives for Information and Related Technology (COBIT)
Continuous Integration
Linux
Elasticsearch
File Transfer
Github
Identity and Access Management
Python
Windows Server
Network Segmentation
Openshift
Role-Based Access Control
Red Hat Enterprise Linux - RHEL
Remote Access Technology
Ansible
Prometheus
Zero Trust Network Access
Service Development Studio
SQL Databases
Systems Integration
VCloud
Data Logging
Google Cloud Platform
Cyberark
Grafana
Control Structures
Build Server
GIT
Kubernetes
Hashicorp
Kafka
Terraform
Software Version Control
Jenkins
VMware

Job description

Job Description : Familiarity with logging and monitoring stacks (Kafka, Elasticsearch, Prometheus/Grafana), Job Responsibilities : Design and operate the interactive access service based on Apache Guacamole, containerized on OpenShift, translating HTTPS to native protocols (SSH, RDP, SQL, VNC) Build and maintain the file transfer service using S3 presigned URLs with time-bound expiry and tenant-scoped bucket/path access controls Engineer tenant isolation within shared SaaS-style deployments, ensuring each consuming team only accesses their own targets through predefined connections and network-level controls Design credential lifecycle automation: retrieval/seeding at session start, reset/removal at session stop, integrated with Privileged Access Management and credential stores Build session recording and logging pipelines shipping audit data to tenant-specified log repositories (Kafka, S3, Git) Implement metering and billing event generation for per-tenant consumption tracking Develop CI/CD pipelines for automated platform lifecycle management: provisioning, start, stop, decommissioning (immutable infrastructure / cattle model) Collaborate with security teams to refine detection scenarios every sprint and maintain audited control reporting (Seven IT Risk Controls, COBIT framework) Define and monitor SLIs/SLOs: start latency, session success rate, recording completeness, tenant isolation violations, credential reset compliance, 1. Architect And Design Cloud-Based Solutions Using Ansible And Terraform, Ensuring Alignment With Defined Scope And Quality Standards For Product And Sustenance Delivery.

  1. Train And Mentor Team Members On Best Practices For Ansible And Terraform, Ensuring A Skilled Workforce That Can Effectively Deliver Solutions And Mitigate Delivery Risks.
  2. Gather And Analyze Specifications From Clients, Delivering Tailored Solutions That Leverage Cloud Technologies And Meet Organizational Requirements.
  3. Stay Updated With Emerging Technologies And Industry Trends, Integrating New Tools And Methodologies Into Current Projects To Enhance Solution Quality And Effectiveness.

Requirements

Do you have experience in VMware?, Skill Requirement : 3+ years hands-on experience with Kubernetes/OpenShift in production (deployment, networking, RBAC, persistent storage, operators) Proficiency in Go and Python for platform service development, automation, and tooling Strong Linux systems engineering (SSH, networking, security hardening, systemd) Container orchestration and CI/CD pipeline design (Helm, ArgoCD, Tekton, or equivalent) S3-compatible object storage (MinIO or AWS S3): presigned URLs, bucket policies, IAM integration Azure DevOps for backlog management, CI/CD pipelines, and release workflows Infrastructure as Code: Terraform, Ansible, or equivalent Understanding of security principles: zero-trust, defence-in-depth, protocol insulation, MFA, credential management Experience with IAM systems, directory services integration, and conditional access policies Familiarity with logging and monitoring stacks (Kafka, Elasticsearch, Prometheus/Grafana), Other Requirement : VMware Cloud Foundation (VCF) experience or familiarity with VCF-based infrastructure Experience with Privileged Access Management tooling (CyberArk, HashiCorp Vault) Experience with Apache Guacamole or similar remote access gateway technologies RDP and Windows Server administration knowledge Experience in regulated financial services environments (DORA, NIS2, or equivalent regulatory frameworks) Understanding of network segmentation and firewall rule management SOC2 Type 2 reporting or equivalent security assurance frameworks Experience designing metering/billing event pipelines for internal platform products, 1. Proficient In Ansible And Terraform For Infrastructure As Code Implementations.

  1. Solid Understanding Of Ci/Cd Tools Such As Jenkins And Cloud Build Processes.
  2. Familiarity With Version Control Systems Like Git And Github.
  3. Strong Analytical Skills For Gathering And Interpreting Client Specifications.

Other Requirements

  1. Optional Certifications: Hashicorp Certified: Terraform Associate, Red Hat Certified Engineer (Rhce), Or Relevant Cloud Certifications (Aws, Azure, Gcp)

Apply for this position