Aktuelle Position auswählen
Wählen Sie Rolle und Level — wir zeigen Pfad, Skills und Gap-Analyse.
Entwicklungspfad
Junior
0-2 years
Verantwortung: Setting up cloud resources. Writing Terraform configurations. Monitoring cloud services. Managing IAM.
Schlüssel-Skills:
Middle
2-5 years
Verantwortung: Designing cloud architecture. Terraform modules. Networking (VPC, subnets). Cost optimization basics. Multi-environment.
Schlüssel-Skills:
Senior
5-8 years
Verantwortung: Multi-account/multi-project architecture. Landing zones. Network design. Security policies. Disaster Recovery. FinOps.
Schlüssel-Skills:
Lead / Staff
7-12 years
Verantwortung: Cloud strategy. Multi-cloud/hybrid cloud. Vendor management. Budget planning. Security compliance.
Schlüssel-Skills:
Principal
10+ years
Verantwortung: Enterprise cloud strategy. Cloud operating model. Vendor negotiations. Industry best practices.
Schlüssel-Skills:
Gap-Analyse: zu entwickelnde Skills
Für die nächste Stufe entwickeln Sie:
Independently writes Ansible playbooks and roles for cloud infrastructure automation including VM provisioning, network configuration, and security group management. Implements dynamic inventory scripts for cloud providers and uses Ansible collections (amazon.aws, google.cloud, azure.azcollection) for idempotent resource management. Structures playbooks with roles, handlers, and templates for reusable cloud configuration patterns across environments.
Independently configures ArgoCD Applications and ApplicationSets for multi-environment cloud infrastructure deployments. Writes sync policies with automated self-healing, pruning strategies, and sync waves for ordered resource provisioning. Implements RBAC and project-level access controls for cloud team namespaces.
Designs AWS infrastructure: multi-AZ architecture, Auto Scaling Groups, ALB/NLB, Route 53 for DNS. Configures VPC peering, Transit Gateway, Security Groups and NACLs. Works with managed services — RDS, ElastiCache, SQS, SNS for building resilient systems.
Independently creates and maintains Blue/Green Deployment. Configures CI/CD pipelines. Automates routine operations.
Independently creates and maintains Canary Deployment. Configures CI/CD pipelines. Automates routine operations.
Implements CDN configurations with custom cache policies and origin failover using IaC. Deploys edge computing workloads for request transformation and A/B testing. Optimizes cache hit ratios and reduces origin load.
Optimizes Docker images: multi-stage builds, layer minimization, selecting alpine/distroless base images. Configures health checks, resource limits, graceful shutdown. Works with private registries (ECR, GCR, ACR) and configures vulnerability scanning.
Designs CI/CD pipelines for infrastructure: terraform plan in PR with result comment, automated apply after merge, matrix builds for multi-environments. Configures OIDC federation with AWS/GCP for secure authentication without long-lived credentials.
Independently configures and manages Google Cloud Platform. Writes IaC for common tasks. Understands networking and security basics.
Authors reusable Helm charts with parameterized templates and dependency management. Implements Helm hooks for migration and initialization workflows. Integrates Helm deployments into CI/CD pipelines with automated testing.
Configures Kubernetes RBAC, network policies, and Ingress controllers for multi-tenant cloud environments. Writes Helm charts and manages cluster upgrades with zero-downtime strategies.
Configures production-ready deployments: resource requests/limits, liveness/readiness probes, HPA, PDB. Works with Ingress controllers, NetworkPolicy, RBAC. Understands scheduling, taints/tolerations and affinity rules for load distribution.
Independently configures and manages Microsoft Azure. Writes IaC for common tasks. Understands networking and security basics.
Applies security headers (CORS, CSP, X-Frame-Options). Protects against SSRF, path traversal, mass assignment. Uses input validation and sanitization. Configures rate limiting. Conducts basic security code review.
Independently writes Pulumi programs for multi-cloud deployments using component resources and stack references. Configures networking, IAM, and storage with proper secret encryption and environment management. Understands Pulumi policy-as-code with CrossGuard for compliance enforcement.
Independently configures and manages Serverless Containers. Writes IaC for common tasks. Understands networking and security basics.
Independently designs and deploys serverless architectures with API Gateway, SQS, and event-driven triggers. Configures cold start mitigation, concurrency limits, and VPC connectivity. Writes Terraform/CloudFormation for serverless stacks.
Writes modular Terraform configurations for multi-tier cloud architectures. Creates reusable modules with input variables, outputs, and documentation. Manages multi-environment setups using workspaces or directory structures. Implements remote state with locking (S3+DynamoDB, GCS). Configures IAM policies and security groups through Terraform.
Independently configures VPN solutions and network isolation in multi-cloud environments: AWS VPN Gateway, Azure VPN, GCP Cloud VPN with BGP routing. Implements network segmentation using VPC service controls, private endpoints, and transit gateway architectures. Understands zero-trust network access patterns.
Independently configures and manages Yandex Cloud. Writes IaC for common tasks. Understands networking and security basics.
Independently configures cloud load balancing: multi-AZ ALB with path-based routing, weighted target groups for canary deployments, and WAF integration. Implements auto-scaling policies triggered by load balancer request metrics.
Designs network architecture: multi-tier VPC with public/private/isolated subnets, VPC Peering, Transit Gateway for VPC connectivity. Configures DNS (Route 53/Cloud DNS) with health checks and failover. Works with Site-to-Site VPN and Direct Connect for hybrid environments.
Independently configures container security scanning in CI/CD pipelines with Trivy, Snyk Container, or Aqua. Implements admission controllers for vulnerability gates. Manages base image registries with automated vulnerability patching workflows.