Platform Engineer / DevOps (m/f/d) | AI GovTech Startup | Munich
Ayunis · Munich, Bavaria, Germany
Software Development · 11-50 employees
About the role
Own the production environment, including deployment pipelines, monitoring, and secrets management for a GovTech AI platform. Implement technical controls for ISO 27001 and GDPR compliance while optimizing system uptime and reliability.
What they look for
Requirements
Requires a software engineer with a strong focus on infrastructure, production system management, and security-first instincts. Experience with compliance-driven environments and a pragmatic approach to alerting and scope is essential.
Benefits
Full description
Ayunis is a leading GovTech startup from Munich. Over 800 cities and municipalities across the DACH region already work with our software — with Ayunis, we're bringing AI to the public sector: secure, compliant, and actually useful.
Tasks
You will own how Ayunis runs in production — not just keeping services up, but the whole package around them: how code gets deployed, how secrets are handled, how we observe our systems, how we get alerted when things go wrong or get slow, and how we prove to customers and auditors that their data is safe. This is a builder role, not a maintenance role: you'll inherit a working but early setup, take it to the next maturity level, and push good operational patterns into the product code itself, working alongside our backend engineers.
Your Responsibilities
- You run our production services (NestJS backend, React frontend, PostgreSQL, Redis, MinIO, LLM provider integrations) and own uptime, backups and restore drills, capacity, and incident response
- You build an automated deployment pipeline the team loves: fast, safe, boring releases with rollbacks, migration safety, and staging environments — if deploying is scary or slow, that's a bug you own
- You introduce and drive patterns for structured logging, metrics, and tracing — in the infrastructure and in the product code — including precise alerting when LLM responses are slow, erroring, or degrading, per provider and per model
- You develop and own a proper secrets management setup (Vault or comparable): encrypted at rest, access-controlled, rotatable, auditable
- You implement the technical controls behind our ISO 27001 and GDPR obligations: encryption of databases and backups, key management, access logging, retention
- You shape our tooling choices: today we run Docker / Docker Compose on dedicated Linux servers (Hetzner) with GitHub Actions and Sentry — where it goes next is largely up to you, and we prefer boring, proven technology over resume-driven engineering
Requirements
- You're a software engineer at heart who gravitated toward infrastructure — comfortable opening a TypeScript codebase and adding a metrics middleware, not just writing pipelines around it
- You have experience running production systems end-to-end: deployment, monitoring, incidents, backups, and the 3 a.m. question of "how would we recover?"
- You're security-minded by default: secrets handling, least privilege, and encryption are instincts, not checklist items
- You're familiar with compliance-driven environments (ISO 27001, SOC 2, or GDPR technical measures) — or genuinely interested in making auditors happy without making developers miserable
- You're opinionated about alerting quality: you've felt alert fatigue and know how to design for signal
- You're pragmatic about scope: we're a small team, so you prioritize ruthlessly and communicate what's deferred
Benefits
- 🎉 Regular team events
- 🧘 Two free yoga/breathwork sessions per month
- 📈 Room to grow in a 30+ person startup
- 🏢 New Munich office with kitchen, lounge, and 50-meter outdoor pool
- 💻 Latest tech equipment
- 🚀 Real responsibility from day one — the platform is yours
- ⚡ Flat hierarchies and fast decisions
- 🏛️ Meaningful work: modernizing public administration with AI
Sounds like you? We'd love to hear from you!