Senior DevSecOps Engineer

Who Are We?

Since 2005, Kafein Technology Solutions has been delivering services, solutions, and products to meet the software and technology management needs of its national and international customers in the technology, banking, telecommunications, tourism, services, retail, and insurance sectors. The company has successfully implemented projects in areas such as mobile payment systems, e-commerce, and telecommunications, as well as advanced fields like big data analytics, KVKK compliance, cybersecurity, and mobile application development. These projects are utilized by leading institutions in Turkey and around the world.

In addition to its comprehensive services and solutions, Kafein Technology continues to drive innovation in the sector through its global business partnerships and R&D projects conducted in the technopark, a designated technology development zone.

With its rich product portfolio designed to meet customer needs, Kafein Technology develops innovative solutions that deliver a competitive edge in the field of data governance and security. TDM, which streamlines testing processes with intelligent data usage; Dataskope, a tool for monitoring and preventing database activity; Data Touch, a user-friendly data management solution; and Data Focus, a robust data governance tool for protecting sensitive data are among its standout solutions.

Closely following the advancements in the technology sector and focusing on innovations in the this field, Kafein Technology offers comprehensive services and solutions tailored to its customers' needs with its All-in Cyber brand in the field of Cyber security and All-in Cloud brand in the field of Cloud solutions. All-in Cyber focuses on cybersecurity by integrating processes, people, and technology to enhance information security and create an effective defense against cyberattacks. Meanwhile, All-in Cloud, established through Kafein Technology's strategic partnership with Google Cloud, makes cloud technologies accessible, providing innovative solutions that drive growth, innovation, and digital transformation for its customers.

Kafein Technology leverages its subsidiaries to expand the range of services, solutions, and products it provides. Among these subsidiaries are Karmasis and Apifort Software, both of which offers a successful product portfolio in the field of cybersecurity.

As the 15th publicly traded IT company in Turkey, Kafein Technology achieved an average annual growth rate of 70% consolidated from 2018 to 2023. With its team of 750 professionals, global customers, and business partners, it continues to pursue its innovative vision focused on quality and satisfaction, further strengthening its position among the leading companies in the sector.

General Qualification

• Bachelor’s degree in Computer Engineering, Software Engineering or a related field,
• At least 4 years of work experience in Cyber Security,
• Experience in using tools for secure software development (e.g SAST, DAST, IAST, SCA,Container Security),
• Knowledge of common classes of vulnerabilities and how to mitigate the risks in applications and infrastructure,
• Broad security knowledge and practical experience in designing risk-oriented security solution,
• A diverse security background with knowledge in several areas, including layered security architecture, internet protocols, API security, mobile and web applications security, VPN, firewalls, WAF, IDPS risk and vulnerability assessments and compliance,
• Proven experience participating in multiple security programs, projects and initiatives,
• Good communication and collaboration skills to work with diverse teams and stakeholders,
• Experience working in complex operational ICT environments,
• Relevant certifications in Cyber Security (e.g OSCP ,CEH or similar),
• Fluent in English both written and spoken.

Responsibilities

• Provide expert consultancy for the integration and operationalization of DevSecOps tools and practices, including SAST, DAST, SCA, and Container Security solutions,
• Support the identification, analysis, and resolution of application security issues across the development lifecycle,
• Conduct end-to-end analysis of vulnerabilities, including validation, classification, and remediation recommendations,
• Collaborate closely with DevOps teams, developers, and Product Owners to embed security controls and secure coding principles into workflows,
• Perform false positive analyses to reduce noise in vulnerability reports and streamline developer remediation efforts,
• Act as a trusted advisor by guiding development teams on secure software development practices, coding standards, and threat modeling techniques,
• Monitor and identify vulnerabilities that exceed SLA thresholds, and coordinate with relevant stakeholders to ensure timely mitigation,
• Support penetration testing activities by collaborating with the Secure by Design team, interpreting findings, and facilitating remediation strategies.

Linkedin üzerinden elektronik olarak ileteceğiniz kişisel bilgileriniz, Kafein Yazılım Hizmetleri Ticaret A.Ş. bünyesinde oluşacak mevcut ve gelecek işe alım ihtiyaçları doğrultusunda istihdam olanaklarının değerlendirilmesi amacıyla 7 Nisan 2016 tarihli Resmi Gazete’de yayımlanan 6698 sayılı Kişisel Verilerin Korunması Kanunu kapsamında veri sorumlusu olarak tarafımızca işlenecek ve veri tabanımızda gizlilik içerisinde saklanacaktır. Bu işe başvurarak, özgeçmişinizin veri tabanımızda yer almasını kabul etmiş olduğunuzu bildirmek isteriz.