ABOUT YOUR ROLE
Join our team as a Senior DevSecOps Engineer!
We are looking for an experienced Engineer who will be responsible for building and setting up new development tools on a platform which is a suite of digital tools-for-trade for the maritime industry used by many development teams.
In this role you will collaborate with the operations and development teams to plan and execute system changes and manage several security related items such as: security and audit controls, threat modelling, secure code review and automated test security.
If you are a Senior DevOps/Security Engineer who is eager to develop your existing skills and experience within a fast-paced environment, then this role could be for you.
AS A SENIOR DEVSECOPS ENGINEER AT SETAPP YOU WILL:
- Be a primary contact for DevOps security workstreams, policies, best practices, and technologies.
- Work on the deployment and ongoing management of the Akamai WAF solution.
- Monitoring and improving the security posture of the environments via Azure Security Centre.
- Work on everything from transitioning the on-prem teams into the cloud, helping move to an orchestrated container-based service architecture (Kubernetes and Docker).
- Add, improve and maintain modules in our central Terraform & PowerShell Module library.
- Automate build and release manual activities
- Support the delivery of the Platform Security roadmap
REQUIREMENTS
- 5-year Security Engineering or DevOps experience, with experience on APIs
- Excellent hands-on experience with Microsoft Azure and Azure Pipelines.
- Understanding of the OWASP Top 10 principles and experience with OWASP testing Guide / Open-Source Security Testing Methodology
- Familiarity with Secure Development Lifecycle practices and Agile development with CI/CD practices combined with good experience of cloud security, SAST, DAST, IAST or RASP
- Thought leadership in the security field, with demonstrable contributions to industry groups strongly desired
- Excellent working experience of Terraform, setup and supporting Kubernetes environments using cloud providers -vSphere for on-premise and Azure for cloud deployments.
- Excellent communication skills with the ability to exercise independent decision making
- Strong analytical, problem solving and issue resolution skills
Nice to have:
- Experience with cryptography, X509 certificates, signatures, securing TLS/SSL parameters, and certificate pinning
- Good working knowledge of Teamcity and Octopus.
- Experience with Static Code analysis tools such as Veracode, Checkmarx or Sonarqube
- Experience with Elastic Search and PowerShell
- Experience with Linux, package management, config changes and basic tasks
WHAT CAN YOU EXPECT
Despite our dynamic growth, we managed to maintain a relaxed and enjoyable atmosphere of a tightly-knit team that can implement complex projects in a comprehensive and effective way. Each of us knows what is expected from us and we all have adequate space and freedom of action.
The actual work is important, but it’s also essential for us at Setapp that we all stay happy, relaxed and motivated. That’s why we provide a wide range of benefits to all of our employees:
- Training budget
- Private medical care (Luxmed)
- Voluntary group life insurance
- MyBenefit or Multisport card
- Language courses (English and German)
- Mentoring program and numerous internal trainings
- Employee referral program
- Paid days off from services (B2B)
- A paid day off to take care of your health - “Dzień na U” with Fundacja Rak'n'Roll. Wygraj życie!
- Integration events, joint company trips, birthday celebrations and many other
WHAT WE ALSO OFFER
- Salary: 35-42 k PLN depending on experience
- Flexible working hours
- You choose how you work - from our office in Poznań or remotely from home, or like most of us work hybrid :)
- Strong focus on growth, interesting projects & people who enjoy working with each other! :)