Senior DevSecOps Engineer – CI/CD and Cloud Security
ITDS
Location: Krakow
25 200 - 29 400 PLN net (B2B)
Requirements
- Cloud Platforms
- DevSecOps
- Container Security
- Supply Chain Security
- Python
- SonarQube
- Jenkins
- Maven
- CI/CD
- Groovy
Job description
Unleash innovation at the forefront of secure software delivery — shape the future of DevSecOps! Krakow-based opportunity with a hybrid work model, allowing up to 3 remote days per week.

As a Senior DevSecOps Engineer – CI/CD and Cloud Security, you will be working for our client, a leader in advancing secure and efficient software development pipelines. You will own and evolve the Jenkins Shared Library, powering multi-language builds (Java/Maven, Node/NPM, Python, Helm, Terraform, containers). Your expertise will ensure fast, secure, provenance-rich pipelines that reinforce supply-chain integrity across teams — driving innovation and security in software delivery.

Your main responsibilities:
- Design and maintain Groovy pipeline steps (build, test, package, scan, deploy).
- Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation (SonarQube, Sonatype IQ, SAST/Container).
- Optimize pipeline performance through parallel builds, caching, scope-reduced BOMs, and dependency prefetch.
- Ensure artifact integrity with correct SHA1/SHA256 mapping, reproducible inputs, and evidence modeling.
- Refactor legacy scripts to improve reliability and standardization.
- Document ci-config.yaml standards and usage patterns.
- Mentor engineers on secure pipeline development and supply-chain security practices.
- Troubleshoot and prevent pipeline incidents to maintain smooth delivery.

You're ideal for this role if you have:
- 5+ years of engineering experience with CI/CD platforms and DevSecOps.
- Strong expertise in Jenkins and Groovy shared libraries.
- Advanced Python automation skills (JSON/YAML processing, scripting).
- Deep knowledge of Maven, NPM, and Python packaging, with exposure to Helm, Terraform, and container image metadata.
- Solid understanding of supply-chain security (SLSA, CycloneDX SBOM, digests).
- Experience with SonarQube, Sonatype IQ, container and SAST scanning.
- Proven track record in performance tuning (caching, parallelization, dependency pruning).
- Awareness of compliance standards in security and software supply chain.

It is a strong plus if you have (optional):
- Experience with artifact signing and attestations (cosign, OCI).
- Patterns for publishing Terraform modules and Helm charts.
- GitOps or release automation expertise.
- Cloud experience with GCP or AWS.

Language required for the role: fluent English proficiency.

Eligibility for the role: only candidates with an existing legal right to work in the European Union will be considered for this role.

#MAKEYourCareerBETTER

Interested? Apply now and include your CV (preferably in English) along with a statement confirming your consent to the processing and storage of your personal data.