DevSecOps Engineer (EU

Andersen is hiring a DevSecOps Engineer (EU) for a project developing a platform for automotive financing, ensuring secure infrastructure, integrations, and reliable system operations. 

The customer is an international company providing financial and related services across multiple markets. It delivers a variety of solutions for individuals and businesses, working through partner networks, and focusing on flexible, digital, and customer-oriented offerings. The company is also exploring innovative approaches to support more accessible and sustainable usage models. 

The project is focused on developing a dealer-side application for automotive financing and leasing processes. It enables capturing customer and vehicle data, generating documents, and integrating credit decision systems to support efficient loan and lease approvals. 

 Responsibilities: 

- Operationalizing a DORA-compliant Secure Software Development Lifecycle (SDLC). 

- Integrating security requirements into existing development workflows and CI/CD processes. 

- Implementing and configuring security tools, including SAST, DAST, Software Composition Analysis (SCA), and SBOM generation. 

- Integrating security tools into existing CI/CD pipelines. 

- Defining security gates and implementing automated validation and checking mechanisms. 

- Developing and maintaining a modular Jenkins shared library for reusable pipeline components across multiple repositories (including security gates, tool integrations, and compliance checks). 

- Conducting risk assessments and supporting threat modeling activities. 

- Creating technical guidelines for secure usage of third-party components and libraries. 

- Ensuring auditable documentation aligned with regulatory and compliance requirements. 

- Supporting the establishment of governance structures for secure software development. 

- Collaborating closely with DevSecOps architects, developers, product owners, and key stakeholders. 

 Must-have: 

- Experience in a DevOps or Systems Engineering role for 5+ years. 

- Several years of experience in DevSecOps, Application Security or Secure SDLC. 

- Solid experience in integrating security tools into CI/CD environments. 

- Very good knowledge of Jenkins, especially in the development and maintenance of Groovy-based shared libraries for defining and enforcing security gates. 

- Practical experience in the use of CLI-based security tools as well as the integration and configuration of associated Jenkins plugins (e.g., for SAST, SCA, SBOM, policy checks). 

- Good knowledge of common CI/CD platforms (e.g., GitLabs & GitHub). 

- Knowledge of regulatory requirements (DORA desirable). 

- Level of English – from Intermediate+ and above. 

 Nice-to-Haves: 

- Structured and independent way of working. 

- High technical implementation strength. 

- Ability to integrate safety requirements into development processes. 

- Strong communication skills in exchange with technical and non-technical stakeholders. 

- Solution-oriented and hands-on mentality. 

- Knowledge of German. 
 

 Reasons why this job would be interesting to you: 

- Andersen cooperates with such companies as Siemens, Johnson & Johnson, AstraZeneca, BNP Paribas, Allianz, Ryanair, TUI, Verivox, Media Markt, etc.. 

- For the past four years, our company has been growing annually by 60–100%, and we constantly involve top-notch specialists in our team. 

- Andersen has mentoring and adaptation systems for new employees, and transparent performance review and assessment systems will allow you to determine your development path and plan your growth. 

- The most important thing that we value in our employees is a commitment to continuous learning. The company supports them in this and gives them access to the best educational platforms, seminars, and practices. In addition, for over 19 years, Andersen has assembled a huge knowledge base and established a robust resource management institution. 

- We have been strengthening our expertise since 2007. During this time, we have formed excellent teams with streamlined processes, where you can learn something new from your colleagues every day and enjoy your work. 

- We are a cool young team of like-minded people communicating informally. 

- You'll have a stable and competitive salary and an extensive benefits package. 

- At Andersen, we have many different ways to grow. You can improve as a specialist or a manager, and all your activities will be decently rewarded. 

Join us! 

Your personal data is protected in accordance with GDPR regulations. Learn more: https://andersenlab.com/privacy-policy

https://people.andersenlab.com/