DevSecOps Engineer
1 month ago
Lombardy, Italy
capital.com
Full-time
Responsibilities:
- Designing Secure CI/CD Pipelines: Develop and maintain automated CI/CD pipelines (preferably GitLab) with a focus on security best practices, including SAST/DAST/SCA and vulnerability assessment.
- Infrastructure Security: Implement and maintain infrastructure as code using Terraform / CloudFormation / Ansible, ensuring secure configuration and compliance with industry standards and regulatory requirements.
- Security Monitoring and Incident Response: Set up and manage security monitoring tools to detect and respond to security incidents promptly. Develop incident response playbooks and collaborate with relevant teams to address security incidents effectively.
- Security Compliance: Ensure compliance with industry regulations (PCI DSS, GDPR, local financial regulation) and internal security policies. Conduct regular security assessments and audits to identify and address compliance gaps.
- Security Tooling and Automation: Evaluate, deploy, and manage security tools and technologies to automate security processes and enhance overall security posture. Continuously research and stay updated on emerging threats and security trends.
- Secrets Management: Design, implement, and maintain robust secrets management solutions and processes using HashiCorp Vault and AWS SM / KMS.
- Collaboration and Knowledge Sharing: Work closely with development, operations, and product teams to embed security into the software development lifecycle. Provide security training and guidance to team members to increase awareness and promote a security-first culture. Maintain comprehensive documentation and playbooks for configuring, operating, and troubleshooting security solutions.
- Risk Management: Participate in risk assessments and threat modelling exercises to identify potential security risks and vulnerabilities. Develop and implement risk mitigation strategies to minimize exposure to security threats.
Requirements:
- Proven experience in DevOps, software engineering, or related roles, with a focus on security.
- Hands-on experience with cloud platforms (AWS, Azure, GCP), containerisation technologies (Docker, Kubernetes), and configuration management (Ansible).
- Proficiency in scripting and automation using languages such as Python or Bash.
- Strong understanding of security principles, protocols, and standards (e.g., OWASP Top 10, NIST Cybersecurity Framework, CIS Benchmarks).
- Experience with security testing tools (e.g., Trivy, Prowler, ScoutSuite, SonarQube, OWASP ZAP, Nessus) and vulnerability management processes.
- Excellent communication and collaboration skills, with the ability to work effectively in a cross-functional team environment.
- Knowledge of financial industry regulations and compliance requirements is a plus.
- Demonstrated ability to adapt to a fast-paced, dynamic environment and drive initiatives independently.
What you will get in return:
- You will join a company that cares about work-life balance.
- Annual Bonus based on the performance review cycle.
- Family Medical Insurance, Pension fund, MyBenefit system, and Multisport card for CoE.
- Generous Annual Leave Policy (26 days of paid leave for B2B and CoE).
- Hybrid working model (3 days from our modern office and 2 days fully remotely).
- Comprehensive Workation Policy with 30 more remote days available.
- Possibility of taking two additional days of paid leave per year to dedicate to volunteering efforts.
Test Automation Engineer
3 weeks ago
Lombardy, Italy
Buscojobs
Full-time
Proxima
Proxima is a group of companies with innovative functional and technological skills that pool their experience in a joint offering for developing solutions within our Software Factory. We offer consulting and Application Management and Quality Assurance services. Who are we looking for? Test Automation Engineer...