DevSecOps

Design and implement security controls across applications, infrastructure, and cloud environments.

Integrate SAST, DAST, SCA, secret scanning, and container image scanning into CI/CD pipelines.

Establish security gates and support development teams in vulnerability remediation.

Harden cloud environments and secure IaC, logging, monitoring, and access control.

Run continuous vulnerability management: scanning, risk-based prioritization, and remediation oversight.

Support monitoring, incident response, root cause analysis, and corrective actions.

Secure containers and Kubernetes clusters, including RBAC and runtime policies.

Support compliance with frameworks such as ISO 27001, NIST CSF, and SOC 2, including control evidence documentation

At least 3 years of experience in cybersecurity, DevSecOps, or a related role.

Hands-on experience with AppSec and security testing tools (SAST, DAST, SCA, secret scanning).

Experience securing CI/CD pipelines and SDLC practices.

Experience in cloud security and infrastructure hardening.

Knowledge of containers, Kubernetes, and secure runtime configuration.

Ability to work with SIEM, logs, and incident response workflows.

Knowledge of security standards and frameworks (ISO 27001, NIST, SOC 2).

Good English and strong cross-team communication skills.

Security certifications (e.g., Security+, CISSP, CCSP, CKS).

Experience with policy-as-code and security automation.

Knowledge of threat modeling and secure architecture reviews.

Experience in projects with strict compliance requirements.

Real impact on the security posture of engineering processes and platforms.

Work at the intersection of security, DevOps, and cloud architecture.

Growth opportunities in modern cybersecurity domains.

Stable employment terms and a collaborative engineering culture.