DevSecOps Engineer

This is a fully remote position, open to applicants in Germany.

📋 Description

• Design and create secure multi-cloud infrastructure utilizing Terraform/Terragrunt while adhering to security best practices.

• Develop and implement secure CI/CD pipeline infrastructure incorporating SAST/DAST integration and security gates.

• Architect and deploy Azure Sentinel SIEM infrastructure alongside Logic Apps to facilitate automated incident response.

• Construct and sustain Cloudflare Zero Trust network architecture, including tunnels and security policies.

• Create Infrastructure as Code templates for secure Kubernetes clusters, incorporating network policies and RBAC.

• Establish a comprehensive secrets management infrastructure utilizing AWS Secrets Manager and HashiCorp Vault.

• Design a security monitoring infrastructure with centralized logging, employing the ELK stack and FluentBit.

• Develop an automated vulnerability scanning infrastructure along with remediation workflows.

• Execute database security hardening for MySQL, PostgreSQL, and Redis clusters.

• Formulate network segmentation and micro-segmentation strategies for containerized environments.

• Create security automation tools and infrastructure for threat hunting and incident response purposes.

• Architect backup and disaster recovery infrastructure with integrated security controls and encryption.

• Establish security testing infrastructure for application and infrastructure vulnerability evaluations.

⛳️ Requirements

• Over 10 years of experience in Infrastructure Security/DevSecOps within enterprise settings.

• Mastery of Terraform/Terragrunt for secure infrastructure provisioning.

• In-depth understanding of AWS security services, including GuardDuty, Security Hub, Config, CloudTrail, EKS, ECR, RDS, EC2, ECS, and S3.

• Proficient in Kubernetes security architecture, including Pod Security Standards, Network Policies, and RBAC.

• Practical experience with infrastructure vulnerability scanning and remediation.

• Expertise in network security architecture and Zero Trust implementation methodologies.

• Strong knowledge of container security and image scanning infrastructure.

• Experience in designing and implementing SIEM/SOAR infrastructure.

• Familiarity with PKI infrastructure and large-scale certificate management.

• Understanding of database security architecture and encryption methodologies.

• Experience with infrastructure compliance automation and policy as code practices.

• Proficiency in security automation scripting languages such as Python, Go, and Bash.

• Capability to design secure CI/CD infrastructure and ensure supply chain security.

• Strong skills in infrastructure troubleshooting and responding to security incidents.

• Relevant security certifications such as CISSP, CCSP, AWS Security Specialty, AWS Solution Architect, and AWS DevOps Professional.

• Familiarity with service mesh security architecture, including Istio and Linkerd.

• Knowledge of infrastructure security scanning tools.

• Experience with security orchestration and automated remediation platforms.

• Understanding of threat modeling and security architecture review processes.

• Knowledge of infrastructure penetration testing and red team exercises.

• Experience in developing security metrics and KPI infrastructure for executive reporting.

🏝️ Benefits

• Bi-annual company-wide trips (2023 Armenia, 2025 Switzerland, and more to come!)

• Fully remote work opportunities from Germany, the UK, or France.

• High flexibility in work arrangements.

• Employee-focused company culture.

• An innovative and collaborative team environment.

• Excellent working conditions.