DevSecOps Engineer

47 - 49 USD net per hour - B2B
DevOps

Kraków, Kraków

Experis Manpower Group

Full-time
B2B
Senior
Hybrid

Job description

Location: Required presence at the client’s office in Kraków for 5 days per month


Responsibilities


  • Design, develop, and maintain Groovy-based CI/CD pipeline steps including build, test, package, scan, and deploy

  • Extend and maintain Python tooling for SLSA provenance, SBOM generation, hash and digest accuracy, and security scan aggregation across tools such as SonarQube, Sonatype IQ, SAST, and container scanning

  • Optimize pipeline performance through parallel builds, caching strategies, dependency prefetching, and scope-reduced BOMs

  • Ensure artifact integrity by implementing correct SHA1/SHA256 mappings, reproducible build inputs, and robust evidence modeling

  • Refactor and modernize legacy scripts by removing global state, consolidating hashing logic, and standardizing templates

  • Define, document, and promote ci-config.yaml standards and usage patterns

  • Mentor engineers in secure pipeline development and software supply-chain best practices

  • Troubleshoot, resolve, and proactively prevent CI/CD pipeline incidents


Requirements


  • Minimum 7 years of overall engineering experience, including at least 3 years in CI/CD platform engineering or DevSecOps roles

  • Strong hands-on expertise with Jenkins and Groovy shared libraries

  • Advanced Python skills for automation, including JSON and YAML processing and tooling development

  • Deep understanding of Maven, NPM, and Python packaging ecosystems

  • Practical experience with supply-chain security concepts such as SLSA, CycloneDX SBOMs, and artifact digests

  • Experience integrating security and quality scanning tools including SonarQube, Sonatype IQ, container scanning, and SAST solutions

  • Proven ability to optimize build and pipeline performance through caching, parallelization, and dependency optimization

  • Awareness and understanding of compliance-related requirements in CI/CD and software delivery environments


Nice to Have


  • Experience with artifact signing and attestations using tools such as cosign or OCI standards

  • Knowledge of Terraform module and Helm chart publishing patterns

  • Hands-on experience with GitOps workflows or release automation

  • Cloud platform experience with GCP and/or AWS


Soft Skills


  • Clear and precise communication skills

  • Strong commitment to high-quality documentation

  • Ownership mindset with the ability to work independently and with minimal supervision


What We Offer


  • MultiSport Plus

  • Group insurance

  • Medicover Premium

  • E-learning platform

Tech stack

  • English: C1

  • Polish: C1

  • Security: regular

  • CI/CD: regular

  • Jenkins: regular

  • Groovy: regular

  • Python: regular

  • SLSA: regular

  • SAST: regular

  • Terraform: regular

  • AWS: nice to have

  • GCP: nice to have

Published: 07.01.2026
