Product Owner - Reverse Proxy (m/f/n)

For one of the EU institutions we are looking for a Product Owner - Reverse Proxy Service (m/f/n).

Relocation to Luxembourg is required.

Offer

• B2B contract

• Location: Luxembourg (relocation is required)

• Rate: up to 600 EUR/MD

• Project duration: 1 year

We are looking for an experienced Product Owner for the Reverse Proxy Service, responsible for NGINX OSS/Plus and Apache with ModSecurity.

This role focuses exclusively on reverse proxy, secure HTTP traffic handling, and web protection.

The Product Owner owns the service vision, roadmap, lifecycle, and operational performance. They challenge the engineering teams with concrete business scenarios, guide customers to define clear and automation-ready service requirements, and lead the squad (Level 1, Level 2, Level 3) to deliver a robust, compliant, secure, and performant reverse proxy platform.

The PPO acts as the primary link between customers, engineering, security, architecture, and the SAFe organization.

Key Responsibilities

1. Service Vision & Strategy

• Define and maintain the service vision for Reverse Proxy and Web Security (NGINX, Apache, ModSecurity).

• Challenge the engineering team with present and future business needs, ensuring solutions are scalable, secure, and aligned with enterprise strategy.

• Anticipate future trends: HTTPS, web security, API gateways (basic features), SAML/OIDC integration, performance needs, caching, header manipulation, etc.

• Drive continuous service modernization and elimination of technical debt.

2. Customer Engagement & Service Catalog Definition

• Work closely with customers to understand business challenges, regulatory constraints, and security needs.

• Transform customer needs into a structured service catalog, with:

• clear features

• validated parameters

• minimal free-text

• automation-ready interfaces

• Provide expert advisory to customers on onboarding, migrations, reverse-proxy best practices, application patterns, and security recommendations.

3. Operational Ownership & Crisis Leadership

• Act as the owner of operations, responsible for service availability and incident outcomes.

• Organize and coordinate operations in case of crisis:

• incident triage and communication

• prioritisation of mitigation actions

• alignment of NOCA (L1), NNDOE (L2), and Level 3 engineers

• post-incident review contribution

• Ensure operational teams are trained and autonomous through clear procedures and low-level designs.

4. SLA, Capacity, Performance & Vulnerability Management

• Monitor and maintain compliance with agreed SLA and SLO:

• response time

• throughput and capacity

• error rates

• platform stability

• Lead performance and capacity management (traffic peaks, large customer onboarding, new protocol testing).

• Manage vulnerability remediation planning across NGINX, Apache, ModSecurity, OS, and dependencies.

• Own the metrics and dashboards used for decision-making.

5. Automation & Efficiency

• Build a structured and achievable automation roadmap:

• automated provisioning

• request fulfilment workflows

• Websec rule deployment (ModSec)

• configuration generation (GitLab + NetBox + AWX)

• Drive the maturity of CI/CD pipelines for the service.

• Reduce manual operations through templated, validated inputs and infrastructure as-code workflows.

6. Product Roadmap & SAFe Alignment

• Build and maintain an aligned Product Roadmap and PI Objectives.

• Ensure synchronisation with:

• Scrum Team

• SAFe ART

• architects

• change managers

• Compliancy Squad

• Provide backlog prioritisation based on value, risk, compliance, and operational impact.

• Coordinate delivery commitments and ensure transparency toward stakeholders.

7. Squad Leadership

• Lead a multi-level operational squad:

• Level 1 (NOCA) – basic triage and request fulfilment

• Level 2 (NNDOE) – deeper operational tasks

• Level 3 – engineering and architecture

• Empower the team with clear processes, SOPs, decision trees, and a well structured backlog.

• Facilitate continuous improvement and knowledge sharing.

Required Skills & Experience

Technical Expertise:

• Strong understanding of NGINX OSS/Plus, Apache HTTPD, ModSecurity, and reverse-proxy concepts.

• Experience with:

• header manipulation

• URL rewriting

• TLS/certificates

• upstream patterns

• caching

• web security patterns

• Familiarity with CI/CD tooling (GitLab, Ansible, AWX) and configuration-as-code.

• Knowledge of ITIL processes (Incident, Event, Change, Request Fulfilment, Problem).

• Ability to interpret vulnerability announcements (CVE, NGINX/Apache releases).

Product & Delivery Skills:

• Strong capability to translate customer needs into a structured, automation-ready service catalog.

• Experience running a backlog, managing priorities, and delivering within SAFe or Scrum.

• Comfortable leading discussions with architects, developers, engineers, and security teams.

Operational Leadership

• Previous responsibility for SLA/SLO monitoring and service quality.

• Crisis management experience (major incidents, outages, large-scale customer impact).

• Ability to run PIR sessions, identify root causes, and lead structural improvements.

• Strong communication skills with both technical and non-technical stakeholders.

• Capacity to challenge engineering teams and customers with data-driven arguments.

• High level of ownership, decision-making, and problem-solving.

• Customer-centric mindset.

Success Criteria (12 months)

• A complete, structured, automation-ready Reverse Proxy Service Catalog published.

• ≥80% of operational tasks automated through GitLab–NetBox–AWX pipelines.

• SLA metrics continuously respected and reported with clear dashboards.

• A resilient run organisation with documented workflows, SOPs, and crisis procedures.

• Customers onboarded through seamless request fulfilment workflows with minimal manual interpretation.

• A mature backlog aligned with SAFe PI cycles, with predictable delivery and transparent commitments.

IMPORTANT: Please note that this job would require you to initiate the process of getting a Security Clearance certificate. We will be happy to give you more details during the interview.