👉 Senior DevSecOps Engineer

Hello, let’s meet!

Who We Are

While Xebia is a global tech company, in Poland, our roots came from two teams – PGS Software, known for world-class cloud and software solutions, and GetInData, a pioneer in Big Data. Today, we’re a team of 1,000+ experts delivering top-notch work across cloud, data, and software. And we’re just getting started.

What We Do

We work on projects that matter – and that make a difference. From fintech and e-commerce to aviation, logistics, media, and fashion, we help our clients build scalable platforms, data-driven solutions, and next-gen apps using ML, LLMs, and Generative AI. Our clients include Spotify, Disney, ING, UPS, Tesco, Truecaller, AllSaints, Volotea, Schmitz Cargobull, and Allegro or InPost.

We value smart tech, real ownership, and continuous growth. We use modern, open-source stacks, and we’re proud to be trusted partners of Databricks, dbt, Snowflake, Azure, GCP, and AWS. Fun fact: we were the first AWS Premier Partner in Poland!

Beyond Projects

What makes Xebia special? Our community. We run events like the Data&AI Warsaw Summit, organize meetups (Software Talks, Data Tech Talks), and have a culture that actively support your growth via Guilds, Labs, and personal development budgets — for both tech and soft skills. It’s not just a job. It’s a place to grow.

What sets us apart? 

Our mindset. Our vibe. Our people. And while that’s hard to capture in text – come visit us and see for yourself.

🟣About the project:

We are looking for an experienced DevSecOps Engineer to help build, secure, and automate our global AWS environment. This role bridges networking, automation, compliance, and security, ensuring that our multi-account AWS platform is fully secure, governed, and scalable.

As a DecSecOps Engineer, you will work on building guardrails, policy-as-code, automated pipelines, and global networking architectures, with hands-on responsibilities for ensuring security and compliance at every stage.

🟣You will be:

• implementing centralized security and compliance guardrails across AWS accounts,

• automating infrastructure and network provisioning using Terraform and AWS Cloud WAN,

• desiging and enforcing Policy-as-Code (OPA / Rego) to prevent non-compliant configurations,

• building and maintain Account Factory for Terraform (AFT) and CI/CD pipelines for infrastructure,

• delivering secure, centralized egress architectures using AWS Network Firewall,

• monitoring and responding to security risks in multi-account AWS environments,

• collaborating with global teams operating in US (EST) hours.

🟣Your profile:

• hands-on experience in AWS, including:

  • AWS Cloud WAN

  • AWS Network Firewall

  • AWS Control Tower

• strong background in Terraform and infrastructure automation,

• proven experience with Policy-as-Code (OPA/Rego) and CI/CD pipelines,

• solid understanding of cloud security, governance, and compliance best practices,

• ability to work in US (EST) business hours,

• strong English communication skills.

Work from EU and a work permit to work from EU are required.

🟣Nice to have:

• AWS certifications (Security, Advanced Networking, Solutions Architect),

• experience with enterprise-scale multi-account environments,

• knowledge of automated risk analysis or AI-driven compliance tools.

🟣Recruitment Process:

CV review – HR call – Technical Interview – Client Interview – Decision

🎁 Benefits 🎁

✍ Development:

• development budgets of up to 6,800 PLN,

• we fund certifications e.g.: AWS, Azure,

• access to Udemy, O'Reilly (formerly Safari Books Online) and more,

• events and technology conferences,

• technology Guilds,

• internal training,

• Xebia Upskill.

🩺 We take care of your health:

• private medical healthcare,

• multiSport card - we subsidise a MultiSport card,

• mental Health Support.

🤸‍♂️ We are flexible:

• B2B or employment contract,

• contract for an indefinite period.