Pracuj.pl Remote work Senior

Security DevOps Engineer

TEAM UP RECRUITMENT SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ

⚲ Warszawa

Requirements

  • Kubernetes
  • Linux
  • Terraform
  • Ansible
  • AWS
  • Google Cloud Platform
  • Microsoft Azure
  • OCI

Job description

Our requirements:

  • 8+ years in DevOps, Cloud Security, or Site Reliability Engineering roles.
  • Experience working in regulated or high-traffic financial environments (fintech, trading, banking).
  • Strong commitment to Security as Code and automation-driven security practices.
  • IAM & Access Control: Strong experience with cloud IAM platforms (OCI, AWS, GCP, or Azure), OIDC/SAML, and modern infrastructure access tools.
  • Kubernetes Security: Expert-level knowledge of security contexts, admission controllers (OPA Gatekeeper, Kyverno), and service mesh technologies for mTLS.
  • Infrastructure as Code: Proficiency in Terraform and/or Ansible, including secure module design and static analysis tooling.
  • Linux & Networking: Deep understanding of Linux security mechanisms and core networking protocols.

Nice to have:

  • Supporting financial or security audits and compliance initiatives.
  • Knowledge of cryptography, PKI, and encryption standards.
  • Experience with security resilience testing or chaos engineering practices.

About the project:

Our client is a fast-growing fintech organization operating in a highly regulated financial environment. The company delivers secure, high-performance investment and trading solutions and is focused on building a scalable, compliant, and security-first technology platform. They are seeking a Security DevOps Engineer to embed a “Security Everywhere” culture across their infrastructure and development lifecycle. The role places strong emphasis on Kubernetes and CI/CD security, while also covering identity management, network security, and data protection across the full technology stack.

Full remote - Europe

Responsibilities:

Identity, Access & Zero Trust

  • Design and maintain RBAC and ABAC models across cloud platforms, Kubernetes, and internal systems.
  • Implement Privileged Access Management (PAM) with just-in-time access to production environments, removing long-lived credentials.
  • Enforce enterprise authentication standards, including MFA, SSO, and centralized identity policies.

Infrastructure & Platform Security

  • Secure Kubernetes environments by hardening container runtimes, enforcing Pod Security Standards, and implementing network isolation policies.
  • Design and deploy network segmentation, firewalls, WAF, and DDoS protection suitable for high-volume financial APIs.
  • Own the full lifecycle of secrets management, including certificates, credentials, and API keys, using enterprise key management solutions.

CI/CD & Software Supply Chain Security

  • Integrate automated security checks (SAST, DAST, SCA) into CI/CD pipelines to prevent vulnerabilities from reaching production.
  • Implement container image and artifact signing to ensure only trusted code is deployed.

Compliance, Auditing & Monitoring

  • Ensure infrastructure access and changes are fully logged, immutable, and auditable to support regulatory and security frameworks (e.g., SOC 2, ISO 27001).
  • Integrate security monitoring and alerting into observability platforms to detect suspicious activity in real time.

What we offer:

  • Engagement type: B2B / Contract
  • Duration: Long-term cooperation
  • Work model: Full-time commitment
  • Level: Senior / Expert
  • Start: ASAP or by mutual agreement
  • Location: Remote

🔍 Job Ad Decoder

🔴
Strong commitment to Security as Code and automation-driven security practices.
The candidate is expected to actively implement and maintain automated security processes, not merely understand them.
🔴
Expert-level knowledge of security contexts, admission controllers (OPA Gatekeeper, Kyverno), and service mesh technologies for mTLS.
Very in-depth, hands-on knowledge of Kubernetes security is expected, going beyond a basic understanding.
🔴
Proficiency in Terraform and/or Ansible, including secure module design and static analysis tooling.
This is not only about writing IaC code, but also about building secure, reusable modules and using static analysis tools.
🔴
Supporting financial or security audits and compliance initiatives.
This may mean a significant amount of work on documentation, reporting, and audit preparation, often during stressful periods.
🔴
embed a “Security Everywhere” culture across their infrastructure and development lifecycle.
The candidate is expected to actively promote and implement security practices at every stage of the software lifecycle, which may require considerable initiative and influence.