DevSecOps Engineer

Embed security into every stage of development by building secure CI/CD pipelines, automating security workflows, and enabling engineering teams to deliver reliable, compliant software at scale.

Responsibilities:

• Build and maintain secure CI/CD pipelines with integrated SAST, DAST, and IAST tools.
• Develop automation for security workflows, vulnerability management, and compliance checks to ensure real-time feedback.
• Scan Infrastructure as Code (e.g., Terraform, CloudFormation) for misconfigurations and vulnerabilities before deployment.
• Evaluate, implement, and maintain tools for vulnerability scanning, monitoring, and compliance.
• Promote a security-first culture by mentoring developers and operations teams on secure coding and DevSecOps practices.

Qualifications:

• 5+ years of experience in DevOps, Security Engineering, or similar roles, including 2+ years in DevSecOps.
• Hands-on experience with CI/CD tools such as Jenkins, GitLab CI, or similar.
• Strong scripting skills in Python, Bash, or Go.
• Knowledge of AWS, Azure, or GCP and their security services (e.g., AWS Security Hub, Azure Security Center, GCP Security Command Center).
• Experience with Infrastructure as Code tools like Terraform, Ansible, or CloudFormation.
• Solid understanding of container technologies such as Docker and Kubernetes, including container image and runtime security.
• Familiarity with security tools such as SonarQube, Checkmarx, OWASP ZAP, Burp Suite, Trivy, or Nessus.
• Strong problem-solving and communication skills; ability to collaborate across teams.

Conditions & Benefits:

• Stable salary, official employment.
• Health insurance.
• Hybrid work mode and flexible schedule.
• Relocation package offered for candidates from other regions.
• Access to professional counseling services including psychological, financial, and legal support.
• Discount club membership.
• Diverse internal training programs.
• Partially or fully paid additional training courses.
• All necessary work equipment.