DevSecOps Engineer

DevSecOps Engineer

Mindbox Sp. z o.o.

28000 - 33000 PLN / HOUR
Hybrid
B2B

Hexjobs Insights

Stanowisko: DevSecOps Engineer. Zakres obowiązków: projektowanie i utrzymanie kroków pipeline, optymalizacja wydajności, mentoring. Wymagania: 7+ lat doświadczenia, biegłość w Jenkins i Groovy.

Schlüsselwörter

DevSecOps
CI/CD
Groovy
Python
Jenkins
Maven
SonarQube
supply-chain security
performance tuning
cloud experience

Vorteile

  • Elastyczny model współpracy – wybierz najlepszą dla siebie formę (B2B, umowa o pracę itp.)
  • Hybrydowy model pracy – 6 dni w miesiącu w biurze (Kraków)
  • Kultura współpracy zespołowej – praca z doświadczonymi profesjonalistami
  • Dostęp do platform szkoleniowych i możliwości rozwoju
  • Kompleksowe benefity – w tym opieka zdrowotna Interpolska, karta Multisport, ubezpieczenie Warta
  • Wysokiej jakości sprzęt – laptop i niezbędne oprogramowanie

Technologies we use

About the project

Your responsibilities

  • Design and maintain Groovy pipeline steps (build, test, package, scan, deploy)
  • Extend Python tooling for SLSA provenance, SBOM generation, hash/digest accuracy, and security scan aggregation
  • Optimize performance (parallel builds, caching, scope-reduced BOMs, dependency prefetch)
  • Ensure artifact integrity (correct SHA1/SHA256 mapping, reproducible inputs, evidence modeling)
  • Refactor legacy scripts (remove global state, consolidate hashing, standardize templates)
  • Document ci-config.yaml standards and usage patterns
  • Mentor engineers on secure pipeline development and supply-chain practices
  • Troubleshoot and prevent pipeline incidents
  • Note: Detailed project information will be shared during the recruitment process.

Our requirements

  • 7+ years of engineering experience; 3+ years in CI/CD platform or DevSecOps
  • Strong Jenkins + Groovy shared library expertise
  • Advanced Python automation (JSON/YAML processing, tooling scripts)
  • Deep knowledge of Maven/NPM/Python packaging; exposure to Helm/Terraform and container image metadata
  • Supply-chain security (SLSA, CycloneDX SBOM, digests)
  • Experience with SonarQube, Sonatype IQ, container and SAST scanning
  • Proven performance tuning (caching, parallelization, dependency pruning)
  • Compliance awareness

Optional

  • Artifact signing / attestations (cosign, OCI)
  • Terraform module and Helm chart publishing patterns
  • GitOps or release automation experience
  • GCP/AWS cloud experience

This is how we organize our work

This is how we work

This is how we work on a project

What we offer

  • Flexible cooperation model – choose the form that suits you best (B2B, employment contract, etc.)
  • Hybrid work setup – 6 days per month in the office (Kraków)
  • Collaborative team culture – work alongside experienced professionals eager to share knowledge
  • Continuous development – access to training platforms and growth opportunities
  • Comprehensive benefits – including Interpolska Health Care, Multisport card, Warta Insurance, and more
  • High quality equipment – laptop and essential software provided

Benefits

Aufrufe: 7
Veröffentlichtvor 18 Tagen
Läuft abin 12 Tagen
Art des VertragsB2B
ArbeitsmodusHybrid

Ähnliche Jobs, die für Sie von Interesse sein könnten

Basierend auf "DevSecOps Engineer"

Keine Angebote gefunden, versuchen Sie, Ihre Suchkriterien zu ändern.