DevSecOps Engineer

Tasks:

• Develop Enterprise Standards: Design and implement standardized CI/CD pipelines, Infrastructure as Code (IaC), and security workflows that align with organizational goals.
• Enable Self-Service Solutions: Build self-service workflows for onboarding, platform provisioning, and access management to improve operational efficiency.
• Focus on Automation: Automate repetitive operational tasks, including infrastructure deployments and security checks, to improve consistency and reduce manual effort.
• Embed Security by Default: Integrate security tools (e.g., SAST, DAST, SCA) into the software development lifecycle (SDLC) to ensure secure-by-design practices.
• Advance DevSecOps Maturity: Guide teams in adopting modern DevSecOps practices and support enablement services that interact with application teams daily.
• Collaborate Cross-Functionally: Partner with engineering, security, and operations teams to deliver cohesive solutions aligned with enterprise standards.

Requirements:

• CI/CD Expertise: Advanced experience designing, documenting, and implementing CI/CD strategies for platforms like Java and .NET, using tools like GitHub Actions or Azure DevOps.
• SDLC Mastery: In-depth understanding of branching strategies, collaboration workflows, code quality assurance, release management, and deployment strategies.
• Cloud & Containers: Hands-on experience with containerization/orchestration tools like Docker, Kubernetes, OpenShift, or AKS, and enterprise cloud platforms (Azure preferred).
• IaC & Automation: Proficiency with Infrastructure as Code tools (Terraform, Ansible) and advanced scripting (Python, Bash, PowerShell) for automation.
• Security Integration: Practical experience with automated security tools (e.g., SonarQube, OWASP ZAP) and a good understanding of SAST, DAST, and SCA practices.
• OS & Networking Knowledge: Strong understanding of OS security (e.g., Active Directory, PKI, DNS, group policies).
• Collaboration Skills: Proven ability to work cross-functionally and effectively implement DevSecOps best practices.

Offer:

• Hybrid work - 1 day per week from the Client's office in Wrocław
• MultiSport Plus
• Group insurance
• Medicover Premium
• e-learning platform