Pracuj.pl Hybrid Senior New

DevSecOps Engineer

Mindbox Sp. z o.o.

⚲ Kraków

27 000–29 000 zł net (+ VAT) / month

Requirements

  • Jenkins
  • Kubernetes
  • K8s
  • Groovy Shared Libraries
  • Python
  • Helm
  • Terraform
  • GitOps
  • AWS
  • Google Cloud Platform

Job description

Our requirements:

  • 7+ years of engineering experience, with 3+ years focused on CI/CD platforms or DevSecOps.
  • Solid expertise in Jenkins, Kubernetes (K8s) and Groovy Shared Libraries.
  • Advanced Python automation scripting (JSON/YAML processing, CLI tooling).
  • Strong understanding of Maven, NPM, Python packaging; familiarity with Helm, Terraform, and container metadata.
  • Hands-on experience with supply-chain security, including SLSA frameworks, SBOM formats (CycloneDX), and cryptographic digests.
  • Security tools knowledge: SonarQube, Sonatype IQ, SAST, container scanning.
  • Proven track record in performance optimization of CI/CD pipelines.
  • Awareness of compliance and secure coding practices.

Nice to have:

  • Experience with artifact signing/attestations (e.g., cosign, OCI standards).
  • Hands-on knowledge of publishing Terraform modules and Helm charts.
  • Exposure to GitOps or automated release management.
  • Proficiency with major cloud providers, especially GCP or AWS.

About the project:

Are you passionate about secure, high-performance CI/CD systems and cutting-edge DevSecOps practices? We are looking for a DevSecOps Engineer to own and evolve our Jenkins Shared Library, which powers multi-language builds including Java/Maven, Node/NPM, Python, Helm, Terraform, and container images. Your work will strengthen supply-chain integrity, deliver secure, provenance-rich pipelines (SLSA, SBOM, digests), and ensure a seamless developer experience across teams.

Responsibilities:

  • Design and maintain Groovy pipeline steps for build, test, package, scan, and deploy workflows.
  • Extend Python tooling for:
      • SLSA provenance and SBOM generation
      • Hash/digest validation
      • Security scan aggregation (SonarQube, Sonatype IQ, SAST, container scans)
  • Optimize pipeline performance (parallel builds, caching, reduced BOM scope, dependency prefetch).
  • Guarantee artifact integrity through SHA1/SHA256 mapping and evidence modeling.
  • Refactor legacy scripts for maintainability and standardization.
  • Document ci-config.yaml patterns and enforce best practices.
  • Mentor engineers on secure pipeline development and compliance practices.
  • Troubleshoot and proactively prevent pipeline-related incidents.

Note: Detailed project information will be shared during the recruitment process.

We offer:

  • Flexible cooperation model – choose the form that suits you best (B2B, employment contract, etc.)
  • Hybrid work setup – 2 days per month in the office in Kraków
  • Collaborative team culture – work alongside experienced professionals eager to share knowledge
  • Continuous development – access to training platforms and growth opportunities
  • Comprehensive benefits – including Interpolska Health Care, Multisport card, Warta Insurance, and more
  • High quality equipment – laptop and essential software provided