Plus
Включить Plus
Назад
Company hidden
3 часа назад

Security Engineer (DevSecOps)

Формат работы
remote (только Europe)/hybrid/onsite
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
Poland/Armenia/Cyprus
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Security Engineer (DevSecOps): Designing and implementing secure CI/CD pipelines and cloud infrastructure security with an accent on Kubernetes, Service Mesh, and Shift-Left practices. Focus on automating security checks, hardening cloud environments (AWS/GCP), and implementing Zero Trust architecture.

Location: Remote or on-site in Armenia, Cyprus, or Poland (Offices in Yerevan, Limassol, and Warsaw).

Company

A fast-growing business group with a multicultural team of professionals across development, architecture, and operations.

What you will do

  • Design and maintain secure, automated CI/CD pipelines using a Shift-Left approach.
  • Develop Security as Code policies, baselines, and compliance checks.
  • Ensure security of Kubernetes platforms, workloads, and Service Mesh (Istio).
  • Perform security reviews of Terraform modules and infrastructure code.
  • Configure and maintain WAF, runtime protection, vulnerability management, and secrets management.
  • Collaborate with Development, Platform, and SRE teams to embed security and respond to incidents.

Requirements

  • 3-4+ years of experience in DevSecOps, Cloud Security, or Application Security.
  • Strong experience with Kubernetes (EKS, GKE), Istio, Helm, and ArgoCD.
  • Proficiency in IaC scanning and hardening using Terraform, Checkov, tfsec, or OPA.
  • Experience with SAST/DAST/SCA tools such as Semgrep, SonarQube, and Snyk.
  • Solid understanding of AWS and GCP security services (IAM, KMS, etc.).
  • Advanced Linux administration and scripting skills in Bash and Python.

Nice to have

  • Experience with OpenStack security components.
  • Knowledge of compliance frameworks like ISO 27001, SOC2, PCI DSS, or GDPR.
  • Familiarity with eBPF-based tools such as Falco, Cilium, or Tetragon.

Culture & Benefits

  • Modern corporate equipment (macOS or Windows).
  • Paid vacations, sick leave, and personal event days.
  • Corporate healthcare program.
  • Educational support via L&D team, Udemy, and professional conferences.
  • Free internal English courses and sports benefits.
  • Diverse internal activities including movie clubs, board game nights, and team buildings.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →