DevSecOps Engineer (PCI DSS)

You’ll join a fintech where you have true ownership over cloud security and infrastructure, from designing resilient architectures to ensuring compliance with the strictest industry standards.

We are building secure, audit-ready payment systems where resilience, automation and cost-efficiency go hand in hand. As a DevSecOps Engineer, you’ll safeguard critical financial operations while shaping mature DevOps and platform engineering practices in a collaborative, expert team.

Location: Fully remote (Poland) 🌎 or Łódź (Poland)

Tech stack: AWS (Secrets Manager, Security Hub, GuardDuty, Detective, ECS, ECR, RDS, VPC, S3, Lambda, Cognito, WAF, CloudFront, Route 53, MSK), Terraform, Terragrunt, GitLab.

Your everyday playground:

• Lead PCI DSS compliance efforts: translate regulatory requirements (PCI DSS) and updates into clear, actionable recommendations for SRE and Development teams

• Support other compliance efforts (EBA, DORA, ISO 22301, ISO 27001 governance)

• Build and operate cloud infrastructure using Infrastructure as Code and AWS services

• Manage source code repositories and CI/CD pipelines

• Implement and monitor information security controls (IAM, data encryption, secrets management, endpoint protection, hardened images, SSO, SOC integration)

• Drive vulnerability management by assessing and re-scoring vulnerabilities (CVSS, CVE, CWE)

• Maintain and secure messaging and data platforms (Kafka, Snowflake)

• Set up and operate monitoring infrastructure for logs, metrics, audits and troubleshooting

• Ensure business continuity through backups, disaster recovery, alerts and testing

• Perform IT cost analysis and optimization

• Participate in on-call service for operational resilience

What are we looking for? 🕵️‍♀️

• 4+ years of experience in DevSecOps, Cloud Security, or similar engineering role.

• Ability to translate regulatory and compliance requirements (PCI DSS) into technical guidelines for engineers (SRE, Developers)

• Practical experience with AWS Security (IAM, encryption, secrets, monitoring, network security, and use of AWS Security Hub and Amazon GuardDuty)

• Hands-on experience in vulnerability management.

• Experience with monitoring & logging tools and troubleshooting in production environments.

• Fluency in English with proven experience in client-facing communication.

• Proactive mindset and readiness to take ownership.

What makes you a perfect match? 🎯

• Certifications: AWS Certified Security, CISSP (ISC2), CISM (ISACA), ISO 27001 Lead Implementer/Auditor, PCI Internal Security Assessor.

Why join us? 🌟

• At DNA Technology, we believe in clear communication - we regularly discuss what works and what doesn’t, and how we can improve things (not just in code).

• Private healthcare, a multisport card, and regular “how are you doing?” check-ins are part of our routine.

• Your development is extremely important to us! You can count on individual growth sessions to support you on your unique professional journey.

• Team lunches are a thing, and if you’re coming from another city, we’ll cover your travel and hotel.

• We don’t do layers of management. Everyone has a voice and real influence on how we work.

We value strong interpersonal skills with a focus on open, respectful, and partnership-based communication.

Sounds like a fit? Let’s talk! 🚀