Product Owner - Reverse Proxy (m/f/n)

For one of the EU institutions, the role is for a Product Owner responsible for the Reverse Proxy Service, focusing on NGINX OSS/Plus, Apache, and ModSecurity.

Technical Expertise:

• Strong understanding of NGINX OSS/Plus, Apache HTTPD, ModSecurity, and reverse-proxy concepts.
• Experience with header manipulation, URL rewriting, TLS/certificates, upstream patterns, caching, web security patterns.
• Familiarity with CI/CD tooling (GitLab, Ansible, AWX) and configuration-as-code.
• Knowledge of ITIL processes (Incident, Event, Change, Request Fulfilment, Problem).
• Ability to interpret vulnerability announcements (CVE, NGINX/Apache releases).

Product & Delivery Skills:

• Ability to translate customer needs into structured, automation-ready service catalog.
• Experience managing backlog, priorities, and delivering within SAFe or Scrum.
• Comfortable leading discussions with architects, developers, engineers, and security teams.

Operational Leadership:

• Previous responsibility for SLA/SLO monitoring and service quality.
• Crisis management experience including major incidents and outages.
• Ability to run PIR sessions, identify root causes, and lead structural improvements.
• Strong communication skills with technical and non-technical stakeholders.
• Capacity to challenge engineering teams and customers with data-driven arguments.
• High ownership, decision-making, and problem-solving skills.
• Customer-centric mindset.

1. Service Vision & Strategy:

• Define and maintain the service vision for Reverse Proxy and Web Security (NGINX, Apache, ModSecurity).
• Challenge the engineering team with present and future business needs, ensuring scalable, secure solutions aligned with enterprise strategy.
• Anticipate future trends including HTTPS, web security, API gateways, SAML/OIDC integration, performance needs, caching, header manipulation.
• Drive continuous service modernization and elimination of technical debt.

2. Customer Engagement & Service Catalog Definition:

• Work closely with customers to understand business challenges, regulatory constraints, and security needs.
• Transform customer needs into a structured service catalog with clear features, validated parameters, minimal free-text, and automation-ready interfaces.
• Provide expert advisory on onboarding, migrations, reverse-proxy best practices, application patterns, and security recommendations.

3. Operational Ownership & Crisis Leadership:

• Own operations, responsible for service availability and incident outcomes.
• Organize and coordinate operations in crises including incident triage, communication, prioritization of mitigation actions, and alignment of engineering levels.
• Ensure operational teams are trained and autonomous through clear procedures and low-level designs.

4. SLA, Capacity, Performance & Vulnerability Management:

• Monitor and maintain compliance with SLA and SLO including response time, throughput, error rates, and platform stability.
• Lead performance and capacity management.
• Manage vulnerability remediation planning across NGINX, Apache, ModSecurity, OS, and dependencies.
• Own metrics and dashboards for decision-making.

5. Automation & Efficiency:

• Build an automation roadmap including automated provisioning, request fulfillment workflows, Websec rule deployment, configuration generation.
• Drive maturity of CI/CD pipelines.
• Reduce manual operations through templated, validated inputs and infrastructure as code workflows.

6. Product Roadmap & SAFe Alignment:

• Build and maintain Product Roadmap and PI Objectives.
• Ensure synchronization with Scrum Team, SAFe ART, architects, change managers, and Compliancy Squad.
• Provide backlog prioritization based on value, risk, compliance, and operational impact.
• Coordinate delivery commitments and ensure transparency.

7. Squad Leadership:

• Lead multi-level operational squad (Level 1 NOCA, Level 2 NNDOE, Level 3 engineering and architecture).
• Empower team with clear processes, SOPs, decision trees, and structured backlog.
• Facilitate continuous improvement and knowledge sharing.

This job requires initiating the process of obtaining a Security Clearance certificate.