Senior DevSecOps Engineer

TL;DR

Senior DevSecOps Engineer: Integrating and operating security controls across the SDLC with an accent on embedding SAST/SCA tooling in CI/CD pipelines and reducing supply-chain risk. Focus on building dedicated security pipelines, configuring repository policies, and guiding remediation.

Location: Remote from Poland only

Company

hirify.global, the #1 global market leader in data resilience, provides data backup, recovery, portability, security, and intelligence to over 550,000 customers worldwide.

What you will do

• Integrate and manage security tooling (SAST, SCA, secrets/container scanning) in CI/CD pipelines.
• Build and optimize security pipelines and reusable templates in Azure DevOps, Jenkins, GitLab CI/CD, and TeamCity.
• Collaborate with Application Security and Development to triage findings and guide remediation.
• Configure and maintain repository policies and curation for package repositories.
• Monitor and analyze scanning results, creating dashboards and metrics for risk reduction.
• Enhance CI/CD pipelines with secure-by-default configurations and improve developer experience.
• Support audit preparation, evidence collection, and compliance activities for software delivery.

Requirements

• Experience in DevOps, SRE, or Infrastructure Engineering with hands-on CI/CD integration.
• Strong understanding of SSDLC and DevSecOps, including risk-based gates.
• Hands-on experience with CI/CD platforms (Azure DevOps, Jenkins, GitLab CI/CD, TeamCity) and pipeline-as-code (YAML).
• Experience integrating and tuning security tools (SAST, SCA).
• Knowledge of artifact repositories, dependency management, and vulnerability scanning.
• Solid Linux and Windows skills (CLI, log analysis, networking, troubleshooting).
• Experience with automation/configuration management (Ansible, Helm) and containers/orchestration (Docker, Kubernetes).
• Exposure to Infrastructure as Code (Terraform, CloudFormation, Bicep) and embedding security checks.
• Basic understanding of application and network security concepts in automated pipelines.
• Familiarity with monitoring/observability tools for troubleshooting CI/CD and security jobs.

Nice to have

• Scripting in Python, PowerShell, or Bash.
• Familiarity with compliance frameworks; SBOM experience.

Culture & Benefits

• 26 paid days off annually, plus 4 extra global hirify.globale Days and 24 paid volunteer hours.
• Paid parental, maternity, and paternity leave.
• Fully covered family medical plan, dental, rehab, and vaccinations.
• Life, critical illness, and disability insurance.
• Employer pension contribution via PPK and monthly Edenred allowance (450 PLN).
• MultiSport card fully covered by hirify.global.
• Up to 12 free therapy sessions annually, plus legal and financial advice.
• Opportunities for learning and growth through on-demand libraries, mentoring, and workshops.