This position is as a full time employee position supporting the financial services/payments space and is fully onsite in Au in der Hallertau, Germany. Please apply only if you have experience with a valid work authorization.

About Blankfactor

At Blankfactor, we are dedicated to engineering impact. We build high-quality tech solutions for companies looking to innovate and grow—especially in fast-moving industries like payments, banking, capital markets, and life sciences.

About the Role

We are seeking a DevOps Lead to own the operational delivery and automation for backend systems supporting terminal management and terminal configuration. You will implement and operate robust CI/CD pipelines, integrate mandated cyber- security tooling (for example Fortify), and coordinate delivery with platform and domain teams across the organisation. The role is hands on, delivery focused and requires strong collaboration and technical leadership.

Key Responsibilities:

• Define and implement the DevOps delivery plan for POS, terminal management systems (TMS) and terminal configuration systems (TCS):translate product and roadmap requirements into pipeline, deployment and operational workstreams.
• Build and run CI/CD pipelines: design, implement and maintain automated build, test and deployment pipelines for backend services and terminal software artefacts (Jenkins, GitLab CI, GitHub Actions or equivalent).
• Integrate mandated security tooling: incorporate SAST (Fortify), SCA, DAST and other security scans into pipelines to enable shift left security and ensure compliance gates are enforced.
• Infrastructure as Code and environment provisioning: author and maintain IaC (Terraform), configuration management and container orchestration(Kubernetes) for dev, test and production environments.
• Secrets, keys and configuration management: implement secure secrets management and key lifecycle controls; liaise with HSM and security teams on key management and crypto interfaces.
• Release orchestration and deployment strategy: design and run release patterns appropriate to terminal ecosystems (blue/green, canary, phased rollouts), manage artefact repositories (Nexus/Artifactory) and ensure safe, auditable cutovers.
• Observability and resilience: instrument services for monitoring, logging and tracing (Splunk/Dynatrace), define SLOs/SLIs and lead incident response and postincident reviews.
• Performance, capacity and cost optimisation: define runbooks, perform capacity planning, tune platform resources and drive cost efficient cloud/native architectures.
• Compliance and change control: ensure deployments meet regulatory and internal audit requirements, lead CI/CD change control processes and support certification activities where required.
• Cross team coordination: work closely with platform, security, product, QA, Android/terminal engineering and operations teams to manage dependencies, environment stability and release readiness.
• Automation and test integration: embed automated testing into pipelines (unit, integration, contract and E2E), coordinate devicefarm or emulator test runs for terminal images and support QA automation needs.

Primary Objectives:

• Deliver reliable, repeatable CI/CD and deployment processes for POS, TMS and TCS that reduce lead time for changes and minimise risk to production terminals.
• Fully integrate mandated security scans (including Fortify) into the pipeline with clear pass/fail gates and rapid remediation workflows.
• Improve platform stability and observability to reduce incident frequency and mean time to resolution.
• Ensure releases to terminal fleets are auditable, compliant and executed with low consumer impact through robust orchestration and rollout strategies.
• Provide concise, accurate status and risk reporting to programme and senior stakeholders; escalate issues promptly and propose pragmatic mitigations.

Knowledge & Skills:

• Proven handson experience in DevOps/Platform roles within large enterprises, preferably in payments, fintech or POS ecosystems.
• Strong experience with CI/CD tooling and pipeline design (GitLab CI, GitHub Actions, Azure DevOps etc.).
• Practical knowledge of SAST tools (Fortify), SCA/DAST tooling and how to integrate them into automated pipelines and governance.
• Solid expertise in IaC and container platforms: Terraform, Docker, Kubernetes and Helm.
• Experience with secure secrets and key management solutions (HSM interactions) and understanding of PCI and other payment security controls.
• Familiarity with backend technologies commonly used in payment systems (Java, Kotlin, Spring, microservices, REST APIs, Kafka/message buses and relational/datastore technologies).
• Understanding of terminal management and configuration systems, release packaging for terminals and constraints of device fleets.
• Observability and incident management skills: Prometheus, Grafana, Dynatrace, tracing and structured logging.
• Good scripting and automation skills (Python, Bash, Groovy, or relevant languages) and experience with artefact repositories (Nexus).
• Strong analytical and problemsolving ability, with a methodical approach to debugging and root cause analysis in production environments.
• Excellent verbal and written communication and stakeholder management skills; able to produce clear delivery/status reports for technical and nontechnical audiences.
• Experience working with and influencing platform, security and domain teams in matrix organisations.

Educational & Professional Requirements:

• Bachelor’s degree in Computer Science, Engineering or equivalent practical experience.
• Professional DevOps, cloud or security certifications are advantageous (AWS/Azure/GCP, Certified Kubernetes Administrator, CISSP, or equivalents).
• Practical experience in regulated/financial environments and familiarity with payment compliance frameworks (PCI DSS) is highly desirable.