Job description:
For our customer we are looking for a * * "Solution Architect - openDesk Qualification / Pilot (Air-Gap, Cloud & Container Services)" * * (m / w / d)
Project description
In a highly secure environment, the cloud native open source suite * * openDesk * * is enabled to design, implement and operate on a * * disconnected / air-gapped * * cloud & container platform. The aim is to * * * prove the enterprise ability * * for use in a large, complex environment under * * load conditions * * by * * field test (pilot) * *. As part of the qualification, the suite is continuously analysed and evaluated, the feature set is extended in the requirements management, the cross-disciplinary consistency of the solution is ensured, and the Lifecycle management is established and implemented. In addition, users are prepared and accompanied for the modified software. For the detection, for example, robustness, load capacity, scalability, flexibility and user acceptance are considered.
Framework parameters
* * * Start: * * 01.04.2026
* * * Duration: * * to 31.12.2026
* * * full capacity: * * full capacity
* * * Location: * * Remote (about 98%) in Germany, if applicable HW pick-up (i. d.)
* * * hourly rate: * * approx. 100 EUR
* * * Note: * * SÜ2-standby
Tasks
* Architecture and target image for openDesk in the Air-Gapsetup, including PoCs and technical decision-making
* Continuous analysis / evaluation of the openDeskSuite as well as derivation of pilot measures
- and operational capacity
* Requirements management for the extension / sharpening of the feature set including scoping and planning (stories / tasks)
* Establishment of Lifecycle Management incl. Release cycle, installation / update automation and standardisation (e.g. helmet)
* Support of the field test / pilot including proof of robustness, load capacity, scalability, flexibility and user access
* Management reporting, acceptance of user stories, knowledge transfer and documentation in Git
Experience & knowledge
* * Must-Haves * *
* * * openDesk operation including Part components (1.5 years): * * Operation & maintenance of the Kubernet-based openDeskplatform; Deployment / updating of the stacks in the cluster (e.g. helmet / GitLab CI) including Rollouts / Rollbacks; monitoring of pods, ingress, storage (PV / PVC), certificates and network policies; IAM with Univention / Nubus including user / group / roll lifecycle; Connection of applications to central IAM including SSO (SAML / OIDC), roll mapping and commission; Operation OX App Suite / OX Guard as well as Nextcloud including OX? Nextcloud integration and error analysis
* * * IT architecture (3 years): * * Design / preparation of PoCs, identification of requirements, analysis of problems, evaluation of service mesh (e.g. Istio or LinkerD), introduction of a cube net environment, establishment of identity management, creation / adaptation of helmet charts, installation
- and update automation, establishment of a release cycle, knowledge transfer
* * * Air-Gap / Disconnected Cluster (5 years): * * Planning / Concepting as well as services related to the construction of a disconnected cluster
* * * CI / CD (5 years): * * Design and implementation of the CI / CD infrastructure, design and implementation of the build processes, implementation of a CI / CD pipeline with automated testing and deployment
* * * Agile Project Management (5 years): * * Identification of requirements, creation of project design (scoping) and project planning (stories / tasks), creation of resource planning, implementation of Scrum / channel events, creation of reports for management, acceptance of user stories
* * * ITIL (3 years): * * Design of IT processes, process adaptation / process integration (e.g. interaction CI / CD and ITIL), change management
* * Nice-to-has * *
* * * DevSecOps (3 years): * * Design / execution of PoCs in cloud / container computing, installation / maintenance / maintenance, test automation, testing of effects on connected systems, operation of software in the cloud (DataCenter), automation of deployment, grid pipelines, handling of CVE findings and management, technical installation documentation in Git
* * * Ansible (2 years): * * Development / maintenance of Ansible- components and playbooks, identification of business processes and implementation in playbooks, REST connections to target systems, integration in service portals for self-service processes
* * * Prometheus (1 year): * * Configuration and use of the monitoring tool
* * * PKI / Security Engineering (3 years): * * Conception of the PKI architecture and security policies, root / sub-C design (offline root, issuing-Cas), policies (CP / CPS), key strengths / algorithms / runtimes / name conventions, CA installation / configuration (HSM), certificate templates, directory connection, auto-enrollment / group policies
* * * REST- Services (1 year): * * Planning / design as well as services related to the use of REST- Services (RESTAPIs)
* * * Training (5 years): * * Planning and carrying out of training