DevSecOps Engineer

The international IT сompany Andersen invites a DevSecOps Engineer to work on large-scale projects.

Andersen is a pre-IPO global software development company with over 18 years of experience delivering full-cycle IT services. We specialize in helping enterprises and fast-growing mid-sized businesses accelerate their digital transformation through modern, scalable, and secure software solutions.

Our company operates across a global network of 18 development centers and offices, strategically located in North America, Western and Central Europe, the Middle East, and the Asia-Pacific region. With a strong team of over 3,500 highly skilled professionals, we combine deep domain expertise and advanced technical capabilities to consistently deliver exceptional results for our clients.

Responsibilities:

• Integrating security practices into CI/CD pipelines and development workflows.
• Implementing automated security checks, vulnerability scanning, and compliance validation.
• Managing secrets, credentials, and access policies.
• Monitoring cloud and infrastructure security configurations, identifying risks, and implementing improvements.
• Collaborating with development and security teams to ensure secure application delivery.
• Supporting incident response activities and contributing to root cause analysis.
• Developing automation scripts and tools to enhance security processes.
• Maintaining documentation for security controls, processes, and best practices.

Must-haves:

• Experience as a DevSecOps Engineer for 2,5+ years.
• Strong understanding of CI/CD pipelines and experience integrating security tools (SAST, DAST, SCA, IaC scanning and compliancy control and others).
• Hands-on experience with cloud platforms (AWS, Azure, or GCP). .
• Knowledge of container security, Docker, and Kubernetes security best practices.
• Familiarity with secrets management solutions (Hashicorp Vault, AWS Secrets Manager, etc.).
• Scripting skills (Python, Bash, or similar) for automation.
• Experience with monitoring and logging tools (ELK, Prometheus, Grafana).
• Understanding of threat modeling, vulnerability management, and secure coding principles.
• Level of English – from Upper-Intermediate and above.

Nice-to-haves:

• Experience with Zero Trust, IAM, or security governance frameworks.
• Knowledge of compliance standards (ISO 27001, SOC 2, GDPR).
• Certifications such as AWS Security Specialty, CKS.

Reasons why this job would be interesting to you:

• Experience in teamwork with leaders in FinTech, Healthcare, Retail, Telecom, and others. Andersen cooperates with such businesses as Samsung, Siemens, Johnson & Johnson, BNP Paribas, Ryanair, Mercedes, TUI, Verivox, Allianz, T-Systems, etc.;
• The opportunity to change the project and/or develop expertise in an interesting business domain;
• Job conditions – you can work both fully remotely and from the office or can choose a hybrid variant;
• Guarantee of professional, financial, and career growth! The company has introduced systems of mentoring and adaptation for each new employee;
• The opportunity to earn additional up to 1,000 USD per month by participating in the company's activities;
• Access to the corporate training portal, where the entire knowledge base of the company is collected and which is constantly updated;
• Bright corporate life (parties / pizza days / PlayStation / fruits / coffee / snacks / movies);
• Certification compensation (AWS, PMP, etc);
• Referral program;
• English courses;
• Private health insurance and compensation for sports activities.

Join us!