Senior DevSecOps Engineer – CI/CD and Cloud Security
ITDS
Location: Krakow
25 200 - 29 400 PLN net (B2B)
Requirements
- DevSecOps
- Container Security
- Supply Chain Security
- Python
- SonarQube
- Jenkins
- Maven
- CI/CD
- Groovy
- SLSA
Job description
Unleash cybersecurity innovation — redefine DevSecOps practices at scale! Krakow-based opportunity with a hybrid work model.

As a Senior DevSecOps Engineer, you will be working for our client, a global leader in cloud security and software development. You will own and evolve their Jenkins Shared Library to power multi-language builds (Java/Maven, Node/NPM, Python, Helm, Terraform, containers), delivering fast, secure, and provenance-rich pipelines that enhance supply-chain integrity across teams. This role offers the chance to drive automation excellence and reinforce security in modern CI/CD environments, fostering continuous innovation and growth.

Your main responsibilities:
- Design and maintain Groovy pipeline steps for build, test, package, scan, and deploy processes.
- Extend Python tooling to enhance SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation.
- Optimize pipeline performance through parallelization, caching, and dependency management.
- Ensure artifact integrity with correct SHA1/SHA256 mapping and reproducible inputs.
- Refactor legacy scripts to improve code quality and standardization.
- Document ci-config.yaml standards and best practices for teams.
- Mentor engineers on secure pipeline development and supply-chain security practices.
- Troubleshoot and proactively prevent pipeline incidents to ensure seamless integration.

You're ideal for this role if you have:
- At least 5 years of engineering experience, with 3+ years in CI/CD or DevSecOps.
- Strong expertise with Jenkins and Groovy shared libraries.
- Advanced Python automation skills (JSON/YAML processing, scripting).
- Deep knowledge of Maven, NPM, and Python packaging; exposure to Helm, Terraform, and container image metadata.
- Solid understanding of supply-chain security concepts (SLSA, CycloneDX SBOM, digests).
- Experience with SonarQube, Sonatype IQ, and container/SAST scanning tools.
- Proven performance tuning skills — caching, parallel builds, dependency pruning.
- Awareness of compliance standards and best practices.

It is a strong plus if you have (optional):
- Experience with artifact signing/attestation tools like cosign or OCI.
- Familiarity with Terraform modules and Helm chart publishing patterns.
- Knowledge of GitOps or release automation processes.
- Cloud experience with GCP or AWS.

Language required for the role: Fluent English communication skills are essential.

Eligibility for the role: Only candidates with an existing legal right to work in the European Union will be considered for this role.

#MAKEYourCareerBETTER

Interested? Apply now and include your CV (preferably in English) along with a statement confirming your consent to the processing and storage of your personal data.