Назад
Company hidden
2 дня назад

Senior DevSecOps Engineer (Azure)

Формат работы
hybrid
Тип работы
fulltime
Грейд
senior
Английский
b2
Страна
Germany
Вакансия из списка Hirify.GlobalВакансия из Hirify Global, списка международных tech-компаний
Для мэтча и отклика нужен Plus

Мэтч & Сопровод

Для мэтча с этой вакансией нужен Plus

Описание вакансии

Текст:
/

TL;DR

Senior DevSecOps Engineer (Azure/Kubernetes): Securing Azure and Kubernetes Data & AI platforms by integrating security into CI/CD pipelines and infrastructure with an accent on policy-as-code and vulnerability management. Focus on hardening Kubernetes clusters, securing ML/MLOps workloads, and ensuring compliance with ISO 27001 and the EU AI Act.

Location: Cologne, Remote possible

Company

Europe’s leading online pharmacy driven by cutting-edge innovation to ensure health access for everyone.

What you will do

  • Build and maintain secure CI/CD pipelines in Azure DevOps or GitHub Actions, focusing on secrets hygiene, SAST/DAST, and supply-chain hardening.
  • Automate security guardrails in infrastructure using Terraform and policy-as-code tools like Azure Policy and OPA/Conftest.
  • Harden Kubernetes environments by implementing RBAC, NetworkPolicies, Pod Security Standards, and admission controllers.
  • Manage cloud identities and data protection via Entra ID, Key Vault, and Private Link to ensure least-privilege access.
  • Secure MLOps workflows and AI services, specifically locking down Databricks Unity Catalog, MLflow, and model registries.
  • Coordinate CVE triage, maintain SBOMs, and ensure audit readiness for ISO 27001, GDPR, and the EU AI Act.

Requirements

  • Experience as a DevSecOps or Cloud Security Engineer within Azure and Kubernetes environments.
  • Hands-on expertise with Azure DevOps or GitHub Actions for automating security checks.
  • Proficiency in Azure security services including Entra ID, Key Vault, Defender for Cloud, and Sentinel.
  • Strong understanding of vulnerability management, SBOM creation, and CVE remediation workflows.
  • Knowledge of Data & AI/ML security, including Databricks and privacy-by-design principles.
  • Must be based in or have the legal right to work in the region of Cologne, Germany.

Nice to have

  • Experience with ACR image scanning tools like Trivy or Defender.
  • Knowledge of OPA/Gatekeeper, Kyverno, CodeQL, Dependabot, or Checkov/tfsec.
  • Experience with Databricks Unity Catalog and SCIM/AAD integration.

Culture & Benefits

  • Flexible remote work options, including the possibility to work from anywhere in the EU for up to 20 days per year.
  • Childcare support with a kindergarten grant of €100 per month.
  • Full coverage of the Deutschland Ticket for stress-free commuting.
  • Free and anonymous professional mental health support.
  • Health and fitness perks including an Urban Sports Club membership.
  • Commitment to personal development through internal and external training.

Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →