TheProtocol.IT Hybrid Senior

Senior DevSecOps Engineer / Security Compliance Engineer / DevOps

SOFTGENT SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ

⚲ Gdańsk, Wrocław

160 - 200 zł net (+ VAT)

Requirements

  • C
  • C++
  • Veracode
  • CycloneDX
  • SPDX
  • GitHub Actions
  • CMake
  • Yocto
  • Buildroot
  • FreeRTOS
  • Zephyr
  • Bitbucket (nice to have)
  • GitLab (nice to have)

Job description

Requirements:

- Proven experience in product security, DevSecOps, security compliance, or secure software engineering.
- Hands-on experience with vulnerability management, including vulnerability registers, security gates, CVE monitoring, SAST/SCA triage, prioritization, and false-positive handling.
- Strong experience with SAST and SCA tools for C/C++ projects, including practical experience with Veracode.
- Practical experience preparing C/C++ codebases for static analysis.
- Experience with SBOM generation and common formats such as CycloneDX and SPDX.
- Experience with CI/CD security integration, preferably using GitHub Actions.
- Strong hands-on experience with GitHub as the main VCS platform, including repository migrations from SVN, Bitbucket, GitLab, or similar systems.
- Good knowledge of C/C++ embedded development, including embedded Linux, RTOS, bare-metal environments, build systems, and toolchains such as CMake, Make, Yocto, Buildroot, FreeRTOS, Zephyr, GCC ARM, IAR, and vendor HALs.
- Practical Python, Linux command line, and Bash skills for automation, tooling, and engineering support.
- Strong communication skills, collaborative mindset, autonomy, ownership, and ability to work across complex or legacy engineering environments.

About the company:

- Vision - Advancing Global Industries with Tech and Engineering - Our vision is to redefine the landscape of technology, driving progress with innovative solutions and the pinnacle of engineering expertise.
- Mission - We harness the power of breakthrough technology with confidence and deliver practical, effective solutions. Our commitment to pushing boundaries drives us to provide our clients with innovative products and services at the cutting edge of engineering. Our dedication to excellence and fostering progress creates value through ingenuity with every project we undertake.
- Values - We deliver cutting-edge, practical solutions with unwavering excellence, driven by our customer's needs and defined by our passion for engineering. Our commitment to integrity, collaboration, and sustainability ensures that every project sets new industry benchmarks and reinforces our confidence in our abilities.

Responsibilities:

- Build and maintain vulnerability management processes, including centralized vulnerability tracking, ownership, traceability, CVE monitoring, triage, prioritization, and false-positive handling.
- Configure and operate SAST and SCA tooling for C/C++ and embedded projects, primarily using Veracode, Veracode SCA, and yocto-cve-check where applicable.
- Prepare C/C++ codebases for static analysis, including preprocessed sources, compilation requirements, and debug symbols.
- Generate and maintain SBOMs using formats such as CycloneDX and SPDX.
- Integrate security tooling and security gates into CI/CD pipelines, primarily using GitHub Actions, reusable workflows, and composite actions.
- Work with GitHub as the primary version control platform and support migrations from SVN, Bitbucket, or GitLab into GitHub.
- Work with heterogeneous embedded environments, build systems, and toolchains, including CMake, Make, Yocto, Buildroot, RTOS, bare-metal projects, GCC ARM, IAR, vendor HALs, and custom build environments.
- Use Python, Linux command line, and Bash for automation and engineering tooling.
- Collaborate closely with development teams and stakeholders, presenting security findings in a practical and developer-friendly way.

We offer:

- Full autonomy in shaping tooling, workflows, and engineering standards.
- Work on a high-impact strategic initiative in the area of product security and compliance.
- Exposure to a broad portfolio of products, including embedded and long-lifecycle systems.
- Friendly, engineering-driven culture with a strong focus on ownership.
- Work location in Wrocław or Gdańsk.
- Contract duration: 12–18 months.