Senior DevSecOps Engineer (CI/CD & Security)

Hello,

We are called People More because we treat our employees with respect, but also because the projects we work on are for people and should be easy and pleasant to use. We are technological, but we look at the bigger picture :)

The company is made up of people with a huge client base in the country and abroad, for whom we build projects from scratch (UX, UI, frontend, backend, mobile) or in part. We work directly for our clients and also support our partners in their own solutions. This ensures a wide range of projects and the ability to change! We work with clients all over the world.

For the project that we are working on with our foreign partner, we are looking for Senior DevSecOps Engineer (CI/CD & Security)

Your duties will include:

• Design and maintain Groovy pipeline steps (build, test, package, scan, deploy).

• Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ, SAST/Container).

• Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch).

• Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence modeling).

• Refactor legacy scripts (remove global state, consolidate hashing, standardize templates).

• Document ci-config.yaml standards and usage patterns.

• Mentor engineers on secure pipeline development and supply-chain practices.

• Troubleshoot and prevent pipeline incidents.

Requirements that must be met:

• 7+ years engineering; 3+ in CI/CD platform or DevSecOps.

• Strong Jenkins + Groovy shared library expertise.

• Advanced Python automation (JSON/YAML processing, tooling scripts).

• Deep Maven/NPM/Python packaging knowledge; exposure to Helm/Terraform and container image metadata.

• Supply-chain security (SLSA, CycloneDX SBOM, digests).

• Experience with SonarQube, Sonatype IQ, container and SAST scanning.

• Proven performance tuning (caching, parallelization, dependency pruning).

• Strong leadership skills

• Very good English and Polish

Nice to have:

• Artifact signing / attestations (cosign, OCI).

• Terraform module and Helm chart publishing patterns.

• GitOps or release automation experience.

• GCP/AWS cloud experience

What we offer:

• We are open and honest and we solve problems instead of generating them.

• Maybe it’s obvious, but we really respect our employees and associates. We used to be software developers, too, and we appreciate that job!

• A small team

• An international working environment and international projects

• Private medical care

• Sports card

• Training courses

• Hybrid work (office in Warsaw or Krakow)

Why it’s a good idea to work with People More?

• If you are not satisfied with your work or your tasks, we’ll find a way out together!

• If you get bored, we will offer you a new product and new, fascinating tasks

• We will work on your brand together: you will get an opportunity to attend conferences, including as a speaker, and we will help you publish in recognized magazines and online

• We will facilitate your access to challenges that are usually difficult to get

• At any time, you can talk directly to the board of People More—we talk your language because the company’s founders are software developers and designers!

What does the recruitment process look like?

• A friendly remote initial interview

• A remote technical talk

• The decision to work together!