DevSecOps

Tasks

• Design and implement security controls across applications, infrastructure, and cloud environments.

• Integrate SAST, DAST, SCA, secret scanning, and container image scanning into CI/CD pipelines.

• Establish security gates and support development teams in vulnerability remediation.

• Harden cloud environments and secure IaC, logging, monitoring, and access control.

• Run continuous vulnerability management: scanning, risk-based prioritization, and remediation oversight.

• Support monitoring, incident response, root cause analysis, and corrective actions.

• Secure containers and Kubernetes clusters, including RBAC and runtime policies.

• Support compliance with frameworks such as ISO 27001, NIST CSF, and SOC 2, including control evidence documentation

Requirements

• At least 3 years of experience in cybersecurity, DevSecOps, or a related role.

• Hands-on experience with AppSec and security testing tools (SAST, DAST, SCA, secret scanning).

• Experience securing CI/CD pipelines and SDLC practices.

• Experience in cloud security and infrastructure hardening.

• Knowledge of containers, Kubernetes, and secure runtime configuration.

• Ability to work with SIEM, logs, and incident response workflows.

• Knowledge of security standards and frameworks (ISO 27001, NIST, SOC 2).

• Good English and strong cross-team communication skills.

Nice to Have

• Security certifications (e.g., Security+, CISSP, CCSP, CKS).

• Experience with policy-as-code and security automation.

• Knowledge of threat modeling and secure architecture reviews.

• Experience in projects with strict compliance requirements.

We Offer

• Real impact on the security posture of engineering processes and platforms.

• Work at the intersection of security, DevOps, and cloud architecture.

• Growth opportunities in modern cybersecurity domains.

• Stable employment terms and a collaborative engineering culture.|

• An attractive salary and benefits package (including private medical care and a sports card).