Cloud & Security Engineer

At DAC.digital, we are constantly growing our business. As part of our growth strategy, we are strengthening our strategic partnership with a company leveraging Generative AI to drive enterprise revenue and profit.

Key information:

Salary:

• 28 000 - 30 000 PLN net/month - pure B2B contract

• 24 500 – 26 000  PLN net/month – B2B contract (days off included)

It is vital that you have:

• fluency in English (min. C1);

• senior-level experience operating and securing Azure at scale (multi-subscription/tenant patterns, landing zones, network isolation, identity, and data);

• deep hands-on with Terraform (or Bicep), GitHub Actions/Azure DevOps, containers, and modern artifact workflows;

• practical Security: SIEM/SOAR (Sentinel or similar), image/dependency scanning, vulnerability management, and policy-as-code;

• strong observability chops (Azure Monitor/Log Analytics/App Insights, OpenTelemetry) and an SRE mindset;

• clear communicator who’s comfortable with client interaction and crisp written docs;

• Azure Container Registry (ACR) including scaling, ingress, networking, and security;

• GitHub Actions pipelines, workflows, and deployments;

• working in agile methodologies (Scrum, Kanban);

• high communication skills;

• eager to learn and share knowledge.

Nice to have:

• cross-cloud exposure (AWS/GCP), private connectivity (ExpressRoute), and hybrid/on-prem integrations;

• background in secure enterprise environments; audit evidence automation and compliance reporting.

Technology stack:

• Microsoft Azure

• Terraform / Bicep

• GitHub Actions (CI/CD pipelines, deployments)

• Azure DevOps

• Containers (Docker/Kubernetes)

• Azure Monitor / Log Analytics / App Insights

• OpenTelemetry

• Microsoft Sentinel (SIEM/SOAR)

• Azure Container Registry (ACR)

• Security & compliance (scanning, vulnerability management, policy-as-code)

You will be responsible for supporting our team in:

• own and evolve Azure foundations (subscriptions, landing zones, networking, identity, secrets, data services) and drive secure, automated infrastructure with Terraform/Bicep and hardened CI/CD (GitHub Actions/Azure DevOps);

• build and maintain golden images/containers, artifact pipelines, automated drift detection, and comprehensive threat detection/response (Sentinel, Defender for Cloud, Snyk/Trivy);

• enforce strong security practices: least-privilege IAM, certificate rotation, secrets hygiene, and compliance mapping to ISO 27001, SOC 2, NIST, HIPAA, GDPR, FedRAMP with evidence via policy-as-code;

• establish SLOs/SLIs, proactive capacity/performance management, and full-stack observability (Azure Monitor, Log Analytics, App Insights) with actionable alerts and auto-remediation to reduce MTTR;

• lead incident response and post-incident hardening, leverage LLMs for infra/ops automation (pipelines, policies, runbooks), and partner with product and client teams to deliver secure, reliable production architectures—especially for AI workloads.

What do we offer:

• possibility to work 100% remotely or on-site at our office in Gdańsk;

• b2b contract with included 30 days off;

• private Medical care;

• group insurance;

• pre-paid card or Sport Card;

• referral program;

• real Agile practices;

• employee well-being online platform;

• cafeteria benefits.