TL;DR
Senior DevSecOps Engineer: Integrating and operating security controls across the SDLC, with an emphasis on SAST and SCA tooling in CI/CD pipelines. Focus on building dedicated security pipelines, configuring repository policies, and reducing supply-chain risk.
Location: Remote work is possible only for applicants located in Poland. If the applicant is permanently based outside of Poland, hirify.global reserves the right to refuse to consider the application. Hybrid work is based in Warsaw.
Company
hirify.global is the Data and AI Trust Company, specializing in helping organizations ensure their data and AI are fully understood, secured, and resilient to enable the acceleration of safe AI at scale.
What you will do
- Integrate and manage security tooling in CI/CD: SAST, SCA, secrets scanning, and container image scanning.
- Build and optimize security pipelines and reusable templates in Azure DevOps, Jenkins, GitLab CI/CD, and TeamCity.
- Collaborate with Application Security and Development to triage findings, provide actionable fix guidance, track remediation, and prevent recurrence through guardrails and standards.
- Configure and maintain repository policies and curation in package repositories for NuGet, npm, and similar.
- Monitor and analyze scanning results across environments and refine rules to reduce false positives.
- Enhance CI/CD pipelines with secure-by-default configurations and improve developer experience.
Requirements
- Experience in DevOps, SRE, or Infrastructure Engineering with hands-on CI/CD integration.
- Strong understanding of SSDLC and DevSecOps, including risk-based gates and remediation workflows.
- Hands-on experience with CI/CD platforms (Azure DevOps, Jenkins, GitLab CI/CD, TeamCity) and pipeline-as-code (YAML).
- Experience integrating and tuning security tools (SAST, SCA); familiarity with secrets and container image scanning.
- Knowledge of artifact repositories, dependency management, and vulnerability/license scanning with policy configuration.
- Solid Linux and Windows skills: CLI usage, log analysis, basic networking, and build/container troubleshooting.
Nice to have
- Scripting in Python, PowerShell, or Bash.
- Familiarity with compliance frameworks; SBOM experience.
Culture & Benefits
- 26 paid days off annually, plus 4 extra global hirify.globale Days for self-care and 24 paid volunteer hours annually through hirify.global Cares.
- Fully covered family medical plan, dental, rehab, and vaccinations.
- Employer pension contribution via PPK.
- Monthly Edenred allowance of 450 PLN for meals.
- Up to 12 free therapy sessions annually, plus legal and financial advice.