DevSecOps

Tasks • Design and implement security controls across applications, infrastructure, and cloud environments. • Integrate SAST, DAST, SCA, secret scanning, and container image scanning into CI/CD pipelines. • Establish security gates and support development teams in vulnerability remediation. • Harden cloud environments and secure IaC, logging, monitoring, and access control. • Run continuous vulnerability management: scanning, risk-based prioritization, and remediation oversight. • Support monitoring, incident response, root cause analysis, and corrective actions. • Secure containers and Kubernetes clusters, including RBAC and runtime policies. • Support compliance with frameworks such as ISO 27001, NIST CSF, and SOC 2, including control evidence documentation Requirements • At least 3 years of experience in cybersecurity, DevSecOps, or a related role. • Hands-on experience with AppSec and security testing tools (SAST, DAST, SCA, secret scanning). • Experience securing CI/CD pipelines and SDLC practices. • Experience in cloud security and infrastructure hardening. • Knowledge of containers, Kubernetes, and secure runtime configuration. • Ability to work with SIEM, logs, and incident response workflows. • Knowledge of security standards and frameworks (ISO 27001, NIST, SOC 2). • Good English and strong cross-team communication skills. Nice to Have • Security certifications (e.g., Security+, CISSP, CCSP, CKS). • Experience with policy-as-code and security automation. • Knowledge of threat modeling and secure architecture reviews. • Experience in projects with strict compliance requirements. We Offer • Real impact on the security posture of engineering processes and platforms. • Work at the intersection of security, DevOps, and cloud architecture. • Growth opportunities in modern cybersecurity domains. • Stable employment terms and a collaborative engineering culture. We offer • Work in a friendly, well-coordinated team of enthusiasts • Stable employment in a modern company with an established market position • Attractive salary and benefits package (e.g., private medical care, sports card) • Opportunities for professional development and participation in innovative projects