Senior DevSecOps Engineer

O projekcie: Why we're hiring for this role: We're rapidly expanding, and with that comes an increasing urgency to mature our security posture. Compliance readiness, and proactive risk management are becoming equally critical — this role will be a key driver of those efforts alongside infrastructure ownership. This could be a unique opportunity to have a big impact in owning security initiatives and establishing a strong security baseline at Zocks. Wymagania: - Deep understanding of AWS (EC2, Networking, RDS), ideally also some familiarity with Azure and GCP- Expert understanding of Linux- Solid scripting skills in one or more of the following languages: Python, Go, Java, Rust, C- Solid knowledge of private and public networking including VPN, firewalls, zero-trust network architecture, and securing ingress/egress traffic- Proficiency in managing multi cluster container environments, preferably with Kubernetes- Preference for a solid understanding of immutable infrastructures and IaC tooling (Terraform)- Experience with cloud security tooling (AWS Security Hub, GuardDuty, IAM policy hardening, network ACLs, SCPs)- Familiarity with penetration testing methodologies — able to understand findings, prioritize remediation, and coordinate fixes across teams- Knowledge of secrets management (Vault, AWS Secrets Manager) and PKI/certificate lifecycle management- Understanding of security frameworks and compliance requirements (SOC 2, ISO 27001, CIS Benchmarks) — audit preparation experience is a plus- Experience with runtime security and threat detection tools (Falco, Wiz, Crowdstrike, or similar) is an advantage- Fluent English and Hungarian language knowledge Codzienne zadania: - Owning the full cloud infrastructure lifecycle across multi-region environments - Owning and hardening the security perimeter across cloud and network boundaries - Triaging and remediating findings from penetration tests and vulnerability scans in collaboration with external security partners - Creating and maintaining our delivery pipeline from developer machines to production, including automated security checkpoints, secrets scanning, and dependency auditing. - Supporting compliance initiatives (e.g. SOC 2, ISO 27001, NIST) through infrastructure controls, audit logging, and evidence collection - Optimizing network topology for the best possible connectivity, latency and throughput for end users