DevSecOps

At HireVision, we find opportunities tailored to you. Unlock your potential and accelerate your career with us!

Currently, for our client, an international consulting corporation, we are recruiting for the Cybersecurity Team. This department focuses on securing systems and applications at every stage of the software development lifecycle, adhering to principles such as "Security by Design" and "Security by Default." By joining this team, you will engage in exciting and innovative projects for prominent Polish and international clients in the areas of cybersecurity and cloud security.

Your responsibilities will include, among others:

• Implementing security principles from the beginning of the SDLC, supporting innovation and development.
  
• Migration, transformation, and integration of security into new technology layers and public cloud environments.
  
• Automating security tasks within DevOps processes using tools such as Ansible, Azure DevOps, Jenkins, and GitLab.
  
• Conducting security assessments of hybrid solutions in public cloud security (Azure, GCP, AWS).
  
• Securing public cloud environments and microservices-based environments (AKS, GKE, EKS, Red Hat Openshift).
  
• Analyzing the security of APIs, applications, or IaC code, and enhancing DevOps environments with robust security elements.
  
• Designing and developing CI/CD environments by integrating security tools (SonarQube, DefectDojo, Fortify, Checkmarx, Veracode, Checkov, Semgrep, Nessus, Aqua Security).

• Knowledge of cybersecurity or a willingness to deepen expertise in this field, supported by several years of experience in IT or a DevOps role.
• Experience with one of the three leading cloud platforms: Azure, GCP, or AWS.
• Practical knowledge of CI/CD processes and tools such as Azure DevOps, Jenkins, GitHub, etc.
• Familiarity with web application security topics (e.g., OWASP TOP 10), secure coding best practices, and knowledge of common attack methods (XSS, CSRF, SQL injection, etc.) and frameworks like MITRE.
• Hands-on experience with models such as on-prem, IaaS, PaaS, and SaaS.
• Experience with containerization (Docker) and container-based infrastructure platforms like Kubernetes, OpenShift, Anthos, etc.
• Knowledge of SAST, DAST, and SCA and their practical implementation in CI/CD processes, as well as authentication, authorization, or session management (SAML, OAuth, SSO, etc.).
• Understanding of the SSDLC process and its components, Rest API technologies, and API Gateway concepts.

What the employer offers:

• Employment under an employment contract (B2B is not available).
• Private medical care, life insurance, and an employee stock program.
• Access to the MyBenefit platform (a wide range of products and services, including the Multisport card).
• Individual support from a Career Counselor, a defined career development path, and access to coaching sessions.
• Comprehensive training package (soft and technical skills training, e-learning platforms, financial support for courses and certifications).
• Participation in global-scale projects for top international Fortune 500 companies using the latest technologies and tools.
• Employee Assistance Program – free consultations for legal, financial, or psychological support.
• Paid employee referral program.

Apply today! Our team will be happy to provide you with more details about the offer and answer any questions you may have.