Senior DevSecOps Engineer
Job description
TL;DR
Senior DevSecOps Engineer (Security Controls): Integrating and operating security controls across the SDLC, embedding SAST and SCA tooling in CI/CD pipelines, building dedicated security pipelines, and configuring repository policies to reduce supply-chain risk. Focus on triaging findings, guiding remediation, and making secure-by-default practices the path of least resistance.
Location: Remote, available only to employees located in the Czech Republic.
Company
is the Data and AI Trust Company, specializing in helping organizations ensure their data and AI are fully understood, secured, and resilient to enable the acceleration of safe AI at scale.
What you will do
- Integrate and manage security tooling in CI/CD: SAST, SCA, secrets scanning, and container image scanning. Design and maintain automated workflows and gates across pull requests, merges, and releases
- Build and optimize security pipelines and reusable templates in Azure DevOps, Jenkins, GitLab CI/CD, and TeamCity. Implement risk-based thresholds aligned with product teams and tune for signal over noise
- Collaborate with Application Security and Development to triage findings, provide actionable fix guidance, track remediation, and prevent recurrence through guardrails and standards
- Configure and maintain repository policies and curation in package repositories for NuGet, npm, and similar
- Monitor and analyze scanning results across environments. Create concise dashboards and metrics to show coverage, trends, and risk reduction, and refine rules to reduce false positives
- Enhance CI/CD pipelines with secure-by-default configurations. Improve developer experience through documentation, reusable patterns and enablement sessions
Requirements
- Experience in DevOps, SRE, or Infrastructure Engineering with hands-on CI/CD integration
- Strong understanding of SSDLC and DevSecOps, including risk-based gates and remediation workflows
- Hands-on experience with CI/CD platforms (Azure DevOps, Jenkins, GitLab CI/CD, TeamCity) and pipeline-as-code (YAML)
- Experience integrating and tuning security tools (SAST, SCA); familiarity with secrets and container image scanning
- Knowledge of artifact repositories, dependency management, and vulnerability/license scanning with policy configuration
- Solid Linux and Windows skills: CLI usage, log analysis, basic networking, and build/container troubleshooting
Nice to have
- Scripting in Python, PowerShell, or Bash
- Familiarity with compliance frameworks; SBOM experience
Culture & Benefits
- 25 vacation days, 4 sick days, 21 paid medical leave days, plus 4 extra global e Days for self-care and 24 paid volunteer hours annually through Cares
- Premium private medical insurance for employees and dependents
- Daily meal vouchers for restaurants and groceries (180 CZK per working day)
- Flexible cafeteria platform with thousands of lifestyle benefit options
- Multisport Card for gym and wellness, with family add-on options
- Annual public transport reimbursement up to a set limit
- Corporate mobile plan with optional family tariff
- Opportunities to learn and grow through on-demand libraries (LinkedIn Learning, O’Reilly), mentoring, workshops and learning events like our annual Global Day of Learning