DevSecOps Engineer (Fintech)

TL;DR

DevSecOps Engineer (Fintech): Implementing security checks in CI/CD pipelines and hardening application security for a PCI DSS certified payment gateway with an accent on SAST, SCA, and container scanning. Focus on automating vulnerability remediation, securing container images, and integrating security into development workflows.

Location: Poland

Company

hirify.global develops Finteqhub, a PCI DSS certified payment gateway providing integrated payment systems for online businesses.

What you will do

• Design and implement security checks within GitHub and GitLab CI/CD pipelines.
• Configure and maintain SAST, SCA, and container scanning tools, specifically Trivy and Dependabot.
• Identify and remediate vulnerabilities in applications and container images.
• Support container image scanning and image signing practices.
• Develop and maintain automation scripts using Python and Bash.
• Collaborate with engineering teams to embed security into development workflows.

Requirements

• 2–4 years of experience in DevOps, DevSecOps, or Security roles.
• Hands-on experience with CI/CD pipelines in GitHub or GitLab.
• Practical experience with SAST, SCA, and container scanning tools.
• Basic scripting skills in Python and Bash.
• Solid understanding of OWASP Top 10.
• Must be located in Poland.

Nice to have

• Basic understanding of Kubernetes and container security fundamentals (RBAC, policies).
• Exposure to Kubernetes security tools such as Kyverno, OPA, or StackRox.
• Knowledge of container image signing using Cosign or Sigstore.
• Experience with cloud platforms like AWS, GCP, Azure, or OCI.

Culture & Benefits

• Private health insurance and sports benefits.
• Comprehensive Mental Health Program.
• Free online English lessons and local language courses.
• Paid time off and maternity leave support.
• Referral program rewards.
• Opportunities for upskilling, internal workshops, and participation in professional conferences.