DevSecOps Engineer (Controls, Compliance & Operations) (ALM Applications)
Job description
TL;DR
DevSecOps Engineer (Controls, Compliance & Operations) (ALM Applications): Translating security policies and IT risk/control standards into implementable requirements for ALM applications, with an emphasis on security testing, audit-ready evidence, and user access management. Focus on coordinating control implementation and remediation, supporting incident/problem/change/configuration follow-up, and keeping regulated platforms stable, compliant, and operationally maintainable.
Company
supports critical ALM applications in a regulated environment, combining operational and compliance responsibilities for audit-ready execution.
What you will do
- Translate security policies and IT risk control standards into implementable requirements for ALM applications and ensure they are implemented and documented.
- Coordinate, execute, and document IT security test procedures and required evidence (including SOX/ITGC or other applicable regulatory requirements).
- Own evidencing of applied security controls: collect, validate, store evidence, keep ITRMP control status up to date, and support internal/external audits.
- Explain security requirements to stakeholders and coordinate remediation actions to closure.
- Coordinate user access management for ALM applications (joiner/mover/leaver, approvals, periodic reviews, traceability and documentation).
- Support operational management for ALM applications: incident/problem/change/configuration follow-up, monitoring/performance/capacity topics, and lifecycle management.
Requirements
- Experience translating security policies and IT risk/control standards into actionable requirements for engineering and operations teams.
- Ability to implement and document security measures to keep applications compliant with IT Risk Policies, Minimum Standards, and Process Control Standards.
- Experience coordinating, carrying out, and documenting IT security test procedures (e.g., SOX/ITGC or other regulatory requirements where applicable).
- Experience with evidencing applied security controls and supporting internal/external auditing in regulated environments.
- English at B2+ level for confident communication in an international environment.
- Experience in operational application management in a regulated IT environment, including incident, problem, change, and configuration management.
Culture & Benefits
- Stable employment contract (UoP) and annual bonus (13th salary).
- Comprehensive benefits package: private medical care, insurance, Multisport card, PPE, company equipment, and subsidies for phone, glasses, tickets, and meals.
- Hybrid work and onboarding support with mentoring and a structured learning plan.
- Team values efficiency, clear documentation, and audit-ready execution.
Hiring process
- Onboarding support and structured learning plan for key topics.
- Interviews focused on security controls/compliance experience and operational follow-up in regulated environments.
Location: Warszawa (Pańska 97)
Salary: 12000–18000 PLN gross