Senior DevSecOps Engineer
co.brick sp. z o.o.
⚲ Gliwice
Requirements
- DevOps
Job description
co.brick talents — powered by AI, powered by people.

The primary objective of this project is to ensure a vast and diverse portfolio of products—specifically the Fluke device ecosystem—meets the rigorous requirements of the upcoming Cyber Resilience Act (CRA). This is not a greenfield project; it involves "injecting" security controls into existing, often legacy codebases, heterogeneous toolchains, and varied build systems.

Details
• Timeline: April 1, 2026 – December 31, 2026
• Rate: 130-150 PLN/h net + VAT (B2B)
• Location: 100% Remote
• Seniority: Senior

Responsibilities
• CRA Compliance: Translate legal and product compliance requirements into concrete technical solutions within CI/CD pipelines.
• Security Automation: Launch and scale SAST/SCA tools (e.g., Veracode, CodeSonar) and generate/maintain SBOMs (Software Bill of Materials).
• Toolchain Integration: Work with multiple build systems (CMake, Make, vendor-specific solutions) and implement reusable security workflows.
• Vulnerability Management: Co-create a central database for vulnerabilities and waivers to ensure consistent risk management and audit traceability.
• Legacy Transformation: Introduce automation and security controls in environments with a high number of repositories and limited existing CI/CD.
• Ownership: Demonstrate a high level of independence by launching end-to-end solutions in a complex ecosystem of long-lifecycle devices.

Requirements
• Expertise: Strong engineering profile combining DevOps/CI/CD with application and product security.
• Programming: Proficiency in C/C++ (essential for understanding the embedded and legacy codebase).
• CI/CD Tools: Advanced experience with GitHub Actions, GitLab CI, and AWS.
• Security Analysis: Practical experience with SAST and SCA tools for existing codebases.
• Compliance Mindset: Experience working with security regulations or product compliance.