Security Infrastructure Engineer – Senior

Overview:

SOFTSWISS is looking for a Security Infrastructure Engineer to join our team and take ownership of the infrastructure behind our security systems.

Purpose of the role:

As a Security Infrastructure Engineer, you will be responsible for designing, building, and maintaining the infrastructure that powers the company’s security systems. You will ensure high availability, scalability, and reliability of security platforms, while driving automation, improving operational efficiency, and supporting secure integrations across cloud and on-premise environments.

Key responsibilities:

• Design, deploy, and maintain the security team infrastructure.
• Ensure high availability and reliability of security platforms through proactive monitoring, alerting, and capacity planning.
• Manage and evolve cloud infrastructure across datacenter dedicated servers and cloud providers.
• Automate routine operational tasks: provisioning, configuration management, patching, and secret rotation.
• Troubleshoot and resolve infrastructure incidents as the primary technical owner.
• Maintain infrastructure documentation: architecture diagrams, runbooks, and change logs.
• Collaborate with security engineers to ensure underlying platforms meet tooling and integration requirements.

Required Experience:

• 5+ years of hands-on Linux system administration experience in production environments
• Deep expertise in Linux internals: systems, networking stack, storage, performance tuning
• Solid understanding of networking fundamentals: TCP/IP, DNS, TLS, routing, firewalling (iptables / nftables)
• Experience with bare-metal and dedicated server environments (Hetzner or similar providers)
• Hands-on experience deploying, operating, and hardening Kubernetes clusters in production, including cluster lifecycle management, CNI networking (Cilium preferred), storage, RBAC Experience deploying, configuring, and operating ClickHouse and PostgreSQL in a production environment
• Hands-on experience operating and maintaining Keycloak in production, including HA setup, backend management, realm/client configuration
• Understanding of identity protocols: OIDC, SAML 2.0, OAuth 2.0 Hands-on experience operating infrastructure across cloud platforms and dedicated servers, including compute, networking, storage, and cost optimisation
• Proficiency in Infrastructure as Code: Terraform, SaltStack, Ansible
• Strong scripting skills: Python and/or Go for automation and operational tooling
• Experience building and maintaining monitoring stacks: Prometheus, Grafana, Alertmanager
• Familiarity with log management and aggregation: Vector, Loki, or ELK
• Clear and structured written and verbal communication skills.
• Upper-Intermediate (B2) or higher English level

Nice to have:

• Experience with Talos Linux or other immutable / minimal OS distributions
• Experience with secrets management: HashiCorp Vault / OpenBao, dynamic secrets, PKI
• Knowledge of ClickHouse integrations: Vector pipelines, S3-compatible object storage backends
• Experience in multi-cloud or hybrid infrastructure environments
• Relevant certifications: CKA (Certified Kubernetes Administrator), OCI Architect Associate, Linux Foundation LFCS