DevSecOps / Platform Engineer

Andersen is hiring a DevSecOps / Platform Engineer for a project building a scalable, governed data platform with near real-time capabilities to improve data transparency and operational efficiency. 

The customer is a financial services organization providing banking products and digital solutions for individual and business clients. The company operates through an established service network and online platforms and is part of a larger international financial group, supporting ongoing development of its services for a broad client base. 

 The project is focused on transforming the bank’s fragmented data landscape into a governed, scalable data platform with near real-time capabilities. It introduces a data product–driven approach and strong governance practices to improve customer insights, operational efficiency, and data transparency across the organization.  

Responsibilities: 

- Designing and implementing security-integrated CI/CD pipelines for services deployed on Azure Kubernetes Service (AKS). 

- Establishing infrastructure-as-code (IaC) practices using Terraform or Bicep aligned with cloud standards. 

- Implementing DevSecOps toolchain: SAST, DAST, SCA, container scanning, secrets management (Azure Key Vault). 

- Defining and enforcing security guardrails for the Azure landing zone: IAM/SSO, network security groups, encryption at rest and in transit. 

- Collaborating with IT Security Architect to ensure compliance with framework and EU financial regulations. 

- Implementing observability stack: logging (Azure Activity Log), monitoring (Azure Monitor), distributed tracing and alerting. 

- Supporting FinOps practices: tagging strategy, cost allocation, usage reporting and showback/chargeback mechanisms. 

- Implementing predictive, risk-based security monitoring and automated threat response pipelines as defined by the Security Architect. 

- Contributing to predictive, risk-based security monitoring and automated threat response design. 

- Conducting security assessments and providing remediation guidance for containerized microservices. 

 Requirements: 

- Experience in DevOps/DevSecOps roles for 5+ years with at least 2 years on Azure cloud environments. 

- Hands-on experience with Azure DevOps / GitHub Actions, Terraform or Bicep. 

- Deep knowledge of Kubernetes / AKS security hardening, RBAC and network policies. 

- Proficiency with Azure security services: Defender for Cloud, Sentinel, Key Vault, Azure Policy. 

- Experience implementing SAST/DAST tools (SonarQube, OWASP ZAP or equivalents). 

- Experience integrating SIEM/SOAR tooling into the platform delivery pipeline and ensuring operational alignment with group security frameworks.  

- Experience monitoring and responding to security incidents across microservices, APIs and event-driven components. 

- Knowledge of banking security standards: ISO 27001, PCI-DSS, NIST CSF. 

- Level of English – from Upper-Intermediate and above. 

Nice to Have: 

- Azure Security Engineer Associate (AZ-500) or equivalent certification. 

- Experience in banking or fintech environments with strict compliance requirements. 

- Familiarity with architecture patterns or similar CEE banking group standards. 

- Knowledge of FinOps frameworks and Azure Cost Management tooling. 

Reasons why this job would be interesting to you: 

- Experience in teamwork with leaders in FinTech, Healthcare, Retail, Telecom, and others. Andersen cooperates with such businesses as Samsung, Siemens, Johnson & Johnson, BNP Paribas, Ryanair, Mercedes, TUI, Verivox, Allianz, T-Systems, etc.. 

- The opportunity to change the project and/or develop expertise in an interesting business domain. 

- Job conditions – you can work both fully remotely and from the office or can choose a hybrid variant. 

- Guarantee of professional, financial, and career growth! The company has introduced systems of mentoring and adaptation for each new employee. 

- The opportunity to earn up to an additional 1,000 USD per month, depending on the level of expertise, which will be included in the annual bonus, by participating in the company's activities. 

- Access to the corporate training portal, where the entire knowledge base of the company is collected and which is constantly updated. 

- Bright corporate life (parties / pizza days / PlayStation / fruits / coffee / snacks / movies). 

- Certification compensation (AWS, PMP, etc). 

- Referral program. 

- English courses. 

- Private health insurance and compensation for sports activities. 

Your personal data is protected in accordance with GDPR regulations. Learn more: https://andersenlab.com/privacy-policy

Join us! 

 https://people.andersenlab.com/