Job
- Level
- Senior
- Job Feld
- IT, DevOps, Security
- Anstellung
- Vollzeit
- Vertragsart
- Unbefristetes Dienstverhältnis
- Gehalt
- 60.000 bis 85.000€ Brutto/Jahr
- Ort
- Berlin
- Arbeitsmodell
- Hybrid, Onsite
Job Zusammenfassung
In dieser Position übernimmst du die Verantwortung für die globale IT-Infrastruktur und Sicherheitsstrategie, führst Migrationen zu Kubernetes durch, optimierst Systemperformance und gewährleistest die Compliance nach GDPR und ISO 27001.
Job Technologien
Deine Rolle im Team
- Zentso builds and operates CloudToolz, a revenue-critical SaaS platform layered on top of iMIS RiSE association management software, serving clients across the UK, Europe, United States, and Asia Pacific. The platform encompasses workflow automation, form building, CRM, CMS, and payment processing capabilities delivered to organisations in multiple sectors.
- We are seeking an experienced IT Infrastructure and Security Lead to own the global infrastructure and security posture underpinning CloudToolz and Zentso's internal systems. This is a senior individual-contributor role with direct access to and collaboration with the CTO on architecture, security strategy, and capacity planning.
- The successful candidate will be comfortable operating independently across a distributed, multi-region environment and taking ownership of uptime, security, and compliance outcomes for a production platform.
- A key part of this role is leading Zentso's transition toward a containerised, Kubernetes-based deployment model and establishing an observability practice built around Grafana OSS.
- The right candidate will be capable of bridging the current Windows Server and IIS-based estate with the target state architecture, and driving that migration in a controlled and pragmatic way.
- Manage and maintain global infrastructure spanning Windows Server 2022, SQL Server, MongoDB, Redis, and Cloudflare across four regions.
- Ensure availability, performance, and scalability of the CloudToolz platform, which is revenue-critical and must meet defined SLAs.
- Support the CTO in planning and executing deployments of new CloudToolz releases, an ASP.NET Core-based platform integrating with Dynamics, iMIS, Salesforce, and native CRM and CMS capabilities.
- Lead the migration of CloudToolz workloads toward a Kubernetes-based container orchestration model, defining the target architecture, migration sequencing, and rollout approach in collaboration with the CTO.
- Manage and evolve Kubernetes cluster operations including deployments, scaling, resource management, network policies, and RBAC.
- Build and maintain an observability stack using Grafana OSS, including dashboards, alerting, and integration with metrics, logs, and traces from application and infrastructure layers.
- Manage DNS, CDN, WAF, and DDoS protection through Cloudflare.
- Monitor system performance, identify and resolve bottlenecks, and lead incident response and recovery.
- Maintain up-to-date documentation, runbooks, configuration standards, and disaster recovery procedures.
- Lead IT security operations including identity and access management, endpoint protection, and vulnerability management.
- Administer and enforce policies across Microsoft 365, Bitwarden, Bitdefender GravityZone, and KnowBe4.
- Develop and enforce data protection and compliance policies aligned to GDPR and ISO 27001 frameworks.
- Conduct and coordinate security awareness training, phishing simulations, and incident response exercises.
- Monitor for threats and manage response, escalation, and remediation processes.
- Administer and optimise Microsoft 365 across the organisation, including Exchange Online, SharePoint, Teams, and Entra ID.
- Manage Salesforce administration within scope, in coordination with the product team.
- Own configuration and policy management for endpoint security tools and password management.
- Collaborate with the CTO on infrastructure scaling strategy, architecture decisions, and technology selection, with a particular focus on the containerisation roadmap.
- Drive adoption of infrastructure-as-code practices to support repeatable, auditable deployments across environments.
- Drive automation of routine operations using PowerShell, scripting, and monitoring tooling.
- Provide input into sprint planning and release coordination with the Product Owner for environment-level requirements.
- Participate in on-call rotation to ensure platform availability across time zones.
Unsere Erwartungen an dich
Qualifikationen
- Solid proficiency in Microsoft 365 administration, including Entra ID (Azure AD), Exchange Online, and SharePoint.
- Strong understanding of networking fundamentals including firewalls, VPNs, DNS, and access control architecture.
- Ability to work independently, manage competing priorities, and communicate clearly with both technical and non-technical stakeholders.
- Familiarity with container runtimes and tooling including Docker, containerd, Helm, and kubectl.
- Relevant certifications such as MCSE, CISSP, CompTIA Security+, CKA, or equivalent.
- PowerShell scripting proficiency for automation, configuration management, and reporting.
- Exposure to CI/CD pipelines and GitOps workflows in a production environment.
Erfahrung
- 5 or more years of experience in IT infrastructure, cloud operations, systems administration, or DevOps roles.
- Strong hands-on experience with Windows Server 2022 and SQL Server in production environments.
- Proven experience with MongoDB and Redis in operational contexts.
- Demonstrated Cloudflare experience covering DNS management, WAF rules, CDN configuration, and security features.
- Working knowledge of enterprise security tools; direct experience with Bitwarden, KnowBe4, Bitdefender GravityZone, or equivalent products is preferred.
- Sound knowledge of GDPR and practical experience implementing or maintaining compliance controls.
- Experience working with geographically distributed teams across multiple time zones.
- Hands-on Kubernetes experience, including cluster administration, workload deployment, networking (ingress, network policies), RBAC, and persistent storage.
- Experience building or operating an observability stack with Grafana OSS, including Prometheus metrics, Loki log aggregation, and Grafana dashboards and alerting.
- Familiarity with ISO 27001 and experience contributing to certification or audit processes.
- Experience with infrastructure-as-code tools such as Terraform, Pulumi, or Ansible.
- Salesforce administration experience.
Unser Angebot
- This is a full-time, permanent position based in Berlin, Germany, offered on a remote-first basis.
- The CloudToolz platform operates continuously across multiple regions; the role includes on-call and out-of-hours escalation responsibilities.
- Base salary range: €60,000 - €85,000 per year.
- Typical target: €70,000 - €80,000 per year.
- Performance bonus: Discretionary, based on individual and company performance.
- Pension: Employer contribution in line with local requirements.
- Flexible working: Remote-first; flexible hours with availability for global coordination.
- Probation: 6 months.
- Compensation is commensurate with demonstrable experience and the scope of the role.
Themen mit denen du dich im Job beschäftigst
Job Standorte
Das ist dein Arbeitgeber
Zentso S GmbH
Die Zentso S GmbH ist ein renommiertes Softwareunternehmen mit Hauptsitz in Berlin, das sich auf Lösungen für das Management von Mitgliedsorganisationen fokussiert. Das Unternehmen entwickelt die CloudToolz-Plattform, die unter anderem Workflow-Automation, CRM und Zahlungsabwicklung umfasst. Zentso bedient Kunden in Europa, den USA, dem Vereinigten Königreich und im asiatisch-pazifischen Raum.
Description
- Unternehmenstyp
- Etablierte Firma
- Branche
- Internet, IT, Telekom
IT Infrastructure and Security Lead
- Gehalt
- 60.000 bis 85.000€ Brutto/Jahr
- Ort
- Berlin
- Arbeitsmodell
- Hybrid, Onsite
- Diversität
- Für alle Personen geeignet (m/w/d)
- Nur Englisch
- Nur Englisch erforderlich
