DevSecOps Engineer (Cybersecurity)

TL;DR

DevSecOps Engineer (Cybersecurity): Designing and implementing security-focused capabilities across the SDLC with an accent on Shift-Left-On-Security principles and CI/CD pipeline automation. Focus on vulnerability management, threat modeling, and ensuring secure infrastructure for business-critical applications.

Location: Must be commutable to Bucharest, Romania (Hybrid: 2 days/week in office)

Company

hirify.global provides cybersecurity solutions dedicated to protecting business-critical applications like SAP and Oracle for global enterprises.

What you will do

• Embed and optimize automated security testing (SAST, DAST, SCA) within GitLab CI/CD pipelines.
• Perform platform security assessments and support vulnerability remediation activities.
• Conduct threat modeling exercises for new features and infrastructure changes.
• Coordinate with engineering teams to meet security compliance and regulatory standards.
• Provision and configure isolated environments for penetration testing activities.
• Advocate for secure coding standards and provide internal security training.

Requirements

• 2+ years of experience in cybersecurity with hands-on Shift-Left-On-Security implementation.
• 1+ years of experience in DevOps and cloud infrastructure (AWS, Azure, or GCP).
• Proficiency in CI/CD tools (Git/GitLab), containerization (Docker, Kubernetes), and Linux administration.
• Strong scripting skills in Python or Bash.
• Must be commutable to Bucharest for a hybrid work arrangement.
• Strong analytical, problem-solving, and communication skills.

Nice to have

• Experience with Infrastructure as Code (Terraform).
• Knowledge of compliance standards such as ISO 27001, NIST 800-53, or PCI DSS.

Culture & Benefits

• Opportunity to shape the future of business application security.
• Collaborative, high-achievement team environment.
• Competitive compensation and financial incentives.
• Career growth opportunities within a global organization.