Unleash cybersecurity innovation — redefine DevSecOps practices at scale!
Krakow-based opportunity with a hybrid work model.
As a Senior DevSecOps Engineer, you will be working for our client, a global leader in cloud security and software development. You will own and evolve their Jenkins Shared Library to power multi-language builds (Java/Maven, Node/NPM, Python, Helm, Terraform, containers), delivering fast, secure, and provenance-rich pipelines that enhance supply-chain integrity across teams. This role offers the chance to drive automation excellence and reinforce security in modern CI/CD environments, fostering continuous innovation and growth.
Your main responsibilities:
- Design and maintain Groovy pipeline steps for build, test, package, scan, and deploy processes.
- Extend Python tooling to enhance SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation.
- Optimize pipeline performance through parallelization, caching, and dependency management.
- Ensure artifact integrity with correct SHA1/SHA256 mapping and reproducible inputs.
- Refactor legacy scripts to improve code quality and standardization.
- Document ci-config.yaml standards and best practices for teams.
- Mentor engineers on secure pipeline development and supply-chain security practices.
- Troubleshoot and proactively prevent pipeline incidents to ensure seamless integration.
You're ideal for this role if you have:
- At least 5 years of engineering experience, with 3+ years in CI/CD or DevSecOps.
- Strong expertise with Jenkins and Groovy shared libraries.
- Advanced Python automation skills (JSON/YAML processing, scripting).
- Deep knowledge of Maven, NPM, Python packaging; exposure to Helm, Terraform, and container image metadata.
- Solid understanding of supply-chain security concepts (SLSA, CycloneDX SBOM, digests).
- Experience with SonarQube, Sonatype IQ, and container/SAST scanning tools.
- Proven performance tuning skills — caching, parallel builds, dependency pruning.
- Awareness of compliance standards and best practices.
It is a strong plus if you have (optional):
- Experience with artifact signing/attestation tools like cosign or OCI.
- Familiarity with Terraform modules and Helm chart publishing patterns.
- Knowledge of GitOps or release automation processes.
- Cloud experience with GCP or AWS.
Language required for the role:
Fluent English communication skills are essential.
Eligibility for the role:
Only candidates with an existing legal right to work in the European Union will be considered for this role.
Interested? Apply now and include your CV (preferably in English) along with a statement confirming your consent to the processing and storage of your personal data.